File name:

lmc-1.2.39-win32.exe

Full analysis: https://app.any.run/tasks/83cc97a8-052b-4621-89c5-8edad4b7adde
Verdict: Malicious activity
Analysis date: October 27, 2024, 18:33:27
OS: Windows 10 Professional (build: 19045, 64 bit)
Indicators:
MIME: application/vnd.microsoft.portable-executable
File info: PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive, 5 sections
MD5:

536914EACC5B37601FC15F97F5D35143

SHA1:

B022CAF3863F0CA7C288EE3DF489F2D8300801A9

SHA256:

B38068DA0BC1847E787441FBA89C3BB1C3D6C2B8D15189B91332FD39E1459714

SSDEEP:

98304:lCyusgDgz4166+R8U01I99YtTJekx4+O84fRVtIBPTiepsyaeLDE0rC3OMhHOd8/:tGHrU21hctyKN/px

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    • Changes the autorun value in the registry

      • lmc.exe (PID: 1068)
      • lmc.exe (PID: 6420)
      • lmc.exe (PID: 6568)

  • SUSPICIOUS

    • Malware-specific behavior (creating "System.dll" in Temp)

      • lmc-1.2.39-win32.exe (PID: 6572)

    • The process creates files with name similar to system file names

      • lmc-1.2.39-win32.exe (PID: 6572)

    • Executable content was dropped or overwritten

      • lmc-1.2.39-win32.exe (PID: 6572)

    • Creates a software uninstall entry

      • lmc-1.2.39-win32.exe (PID: 6572)

  • INFO

    • Checks supported languages

      • lmc-1.2.39-win32.exe (PID: 6572)
      • lmc.exe (PID: 1068)
      • lmc.exe (PID: 6568)
      • lmc.exe (PID: 6420)

    • Creates files in the program directory

      • lmc-1.2.39-win32.exe (PID: 6572)

    • Reads the computer name

      • lmc-1.2.39-win32.exe (PID: 6572)
      • lmc.exe (PID: 1068)
      • lmc.exe (PID: 6420)
      • lmc.exe (PID: 6568)

    • Create files in a temporary directory

      • lmc-1.2.39-win32.exe (PID: 6572)
      • lmc.exe (PID: 1068)

    • Reads the machine GUID from the registry

      • lmc.exe (PID: 6420)
      • lmc.exe (PID: 6568)

    • Checks proxy server information

      • lmc.exe (PID: 6420)
      • lmc.exe (PID: 6568)

    • Manual execution by a user

      • lmc.exe (PID: 6568)
      • mspaint.exe (PID: 6392)
      • mspaint.exe (PID: 696)

    • Creates files or folders in the user directory

      • lmc.exe (PID: 6568)
      • lmc.exe (PID: 1068)
      • lmc.exe (PID: 6420)

    • Sends debugging messages

      • lmc.exe (PID: 6568)
      • lmc.exe (PID: 6420)
      • lmc.exe (PID: 1068)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.exe | Win32 Executable MS Visual C++ (generic) (67.4)
.dll | Win32 Dynamic Link Library (generic) (14.2)
.exe | Win32 Executable (generic) (9.7)
.exe | Generic Win/DOS Executable (4.3)
.exe | DOS Executable Generic (4.3)

EXIF

EXE

MachineType: Intel 386 or later, and compatibles
TimeStamp: 2018:12:15 22:24:32+00:00
ImageFileCharacteristics: No relocs, Executable, No line numbers, No symbols, 32-bit
PEType: PE32
LinkerVersion: 6
CodeSize: 25088
InitializedDataSize: 118784
UninitializedDataSize: 1024
EntryPoint: 0x3328
OSVersion: 4
ImageVersion: 6
SubsystemVersion: 4
Subsystem: Windows GUI
FileVersionNumber: 1.2.3.9
ProductVersionNumber: 1.2.3.9
FileFlagsMask: 0x0000
FileFlags: (none)
FileOS: Win32
ObjectFileType: Executable application
FileSubtype: -
LanguageCode: English (U.S.)
CharacterSet: Windows, Latin1
CompanyName: LAN Messenger
FileDescription: LAN Messenger Installer
FileVersion: 1.2.39
LegalCopyright: Copyright (c) 2010-2011 Dilip Radhakrishnan.
ProductName: LAN Messenger
No data.
screenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
148
Monitored processes
10
Malicious processes
1
Suspicious processes
3

Behavior graph

Click at the process to see the details
start lmc-1.2.39-win32.exe lmc.exe lmc.exe lmc.exe mspaint.exe no specs sppextcomobj.exe no specs slui.exe mspaint.exe no specs slui.exe no specs lmc-1.2.39-win32.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
696"C:\WINDOWS\system32\mspaint.exe" "C:\Users\admin\Desktop\thattheory.png"C:\Windows\System32\mspaint.exeexplorer.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Paint
Exit code:
0
Version:
10.0.19041.3758 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\mspaint.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\acgenral.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\bcrypt.dll
1068"C:\Program Files (x86)\LAN Messenger\lmc.exe" /silent /sync /quitC:\Program Files (x86)\LAN Messenger\lmc.exe
lmc-1.2.39-win32.exe
User:
admin
Company:
LAN Messenger
Integrity Level:
HIGH
Description:
LAN Messenger
Exit code:
0
Version:
1.2.35
Modules
Images
c:\program files (x86)\lan messenger\lmc.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\imm32.dll
2796"C:\WINDOWS\System32\SLUI.exe" RuleId=3482d82e-ca2c-4e1f-8864-da0267b484b2;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=TimerEventC:\Windows\System32\slui.exe
SppExtComObj.Exe
User:
NETWORK SERVICE
Company:
Microsoft Corporation
Integrity Level:
SYSTEM
Description:
Windows Activation Client
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\slui.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\user32.dll
4340C:\WINDOWS\system32\SppExtComObj.exe -EmbeddingC:\Windows\System32\SppExtComObj.Exesvchost.exe
User:
NETWORK SERVICE
Company:
Microsoft Corporation
Integrity Level:
SYSTEM
Description:
KMS Connection Broker
Version:
10.0.19041.3996 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\sppextcomobj.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\oleaut32.dll
5240"C:\Users\admin\AppData\Local\Temp\lmc-1.2.39-win32.exe" C:\Users\admin\AppData\Local\Temp\lmc-1.2.39-win32.exeexplorer.exe
User:
admin
Company:
LAN Messenger
Integrity Level:
MEDIUM
Description:
LAN Messenger Installer
Exit code:
3221226540
Version:
1.2.39
Modules
Images
c:\users\admin\appdata\local\temp\lmc-1.2.39-win32.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
5588C:\WINDOWS\System32\slui.exe -EmbeddingC:\Windows\System32\slui.exesvchost.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Windows Activation Client
Version:
10.0.19041.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\slui.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\user32.dll
6392"C:\WINDOWS\system32\mspaint.exe" "C:\Users\admin\Desktop\archivesvacation.png"C:\Windows\System32\mspaint.exeexplorer.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Paint
Exit code:
0
Version:
10.0.19041.3758 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\mspaint.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\acgenral.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\bcrypt.dll
6420"C:\Program Files (x86)\LAN Messenger\lmc.exe"C:\Program Files (x86)\LAN Messenger\lmc.exe
lmc-1.2.39-win32.exe
User:
admin
Company:
LAN Messenger
Integrity Level:
HIGH
Description:
LAN Messenger
Version:
1.2.35
Modules
Images
c:\program files (x86)\lan messenger\lmc.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\imm32.dll
6568"C:\Program Files (x86)\LAN Messenger\lmc.exe" C:\Program Files (x86)\LAN Messenger\lmc.exe
explorer.exe
User:
admin
Company:
LAN Messenger
Integrity Level:
MEDIUM
Description:
LAN Messenger
Version:
1.2.35
Modules
Images
c:\program files (x86)\lan messenger\lmc.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\imm32.dll
6572"C:\Users\admin\AppData\Local\Temp\lmc-1.2.39-win32.exe" C:\Users\admin\AppData\Local\Temp\lmc-1.2.39-win32.exe
explorer.exe
User:
admin
Company:
LAN Messenger
Integrity Level:
HIGH
Description:
LAN Messenger Installer
Exit code:
0
Version:
1.2.39
Modules
Images
c:\users\admin\appdata\local\temp\lmc-1.2.39-win32.exe
c:\windows\system32\ntdll.dll
c:\windows\syswow64\ntdll.dll
c:\windows\system32\wow64.dll
c:\windows\system32\wow64win.dll
c:\windows\system32\wow64cpu.dll
c:\windows\syswow64\kernel32.dll
c:\windows\syswow64\kernelbase.dll
c:\windows\syswow64\apphelp.dll
c:\windows\syswow64\user32.dll
Total events
3 088
Read events
3 013
Write events
73
Delete events
2

Modification events

(PID) Process:(6572) lmc-1.2.39-win32.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\LAN Messenger\LAN Messenger
Operation:writeName:InstallDir
Value:
C:\Program Files (x86)\LAN Messenger
(PID) Process:(6572) lmc-1.2.39-win32.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\LAN Messenger\LAN Messenger
Operation:writeName:Version
Value:
1.2.39
(PID) Process:(6572) lmc-1.2.39-win32.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\LAN Messenger\LAN Messenger
Operation:writeName:FirstRun
Value:
0
(PID) Process:(1068) lmc.exeKey:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Operation:writeName:LAN Messenger
Value:
C:\Program Files (x86)\LAN Messenger\lmc.exe
(PID) Process:(6572) lmc-1.2.39-win32.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\LAN Messenger
Operation:writeName:DisplayName
Value:
LAN Messenger
(PID) Process:(6572) lmc-1.2.39-win32.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\LAN Messenger
Operation:writeName:UninstallString
Value:
C:\Program Files (x86)\LAN Messenger\uninst.exe
(PID) Process:(6572) lmc-1.2.39-win32.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\LAN Messenger
Operation:writeName:InstallLocation
Value:
C:\Program Files (x86)\LAN Messenger
(PID) Process:(6572) lmc-1.2.39-win32.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\LAN Messenger
Operation:writeName:DisplayIcon
Value:
C:\Program Files (x86)\LAN Messenger\lmc.exe,0
(PID) Process:(6572) lmc-1.2.39-win32.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\LAN Messenger
Operation:writeName:DisplayVersion
Value:
1.2.39
(PID) Process:(6572) lmc-1.2.39-win32.exeKey:HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\LAN Messenger
Operation:writeName:Publisher
Value:
LAN Messenger
Executable files
7
Suspicious files
28
Text files
10
Unknown types
0

Dropped files

PID
Process
Filename
Type
6572lmc-1.2.39-win32.exeC:\Program Files (x86)\LAN Messenger\ssleay32.dllexecutable
MD5:284E004B654306F8DB1A63CFF0E73D91
SHA256:2D11228520402EF49443AADC5D0F02C9544A795A4AFC89FB0434B3B81EBDD28C
6572lmc-1.2.39-win32.exeC:\Program Files (x86)\LAN Messenger\libeay32.dllexecutable
MD5:DE484D5DAFE3C1208DA6E24AF40E0A97
SHA256:007342C6B9B956F416F556B4BD6F1077E25BD077CC4F4AC136E3FCCB803746E3
6572lmc-1.2.39-win32.exeC:\Users\admin\AppData\Local\Temp\nskBA04.tmp\modern-header.bmpimage
MD5:610C5FF9FCD6932735A0BD99B3E1AE88
SHA256:3A6DB5E57A18B31C14DEA70E54577AE7E3065A9360C811C06341B56FBE43FD9B
6572lmc-1.2.39-win32.exeC:\Users\admin\AppData\Local\Temp\nskBA04.tmp\System.dllexecutable
MD5:FBE295E5A1ACFBD0A6271898F885FE6A
SHA256:A1390A78533C47E55CC364E97AF431117126D04A7FAED49390210EA3E89DD0E1
6572lmc-1.2.39-win32.exeC:\Program Files (x86)\LAN Messenger\license.txttext
MD5:FE06497ACAF4F45999925D348C2605F9
SHA256:B3D1EAE7F524FC9DDD48562A4652EFD2BCD848E38B03F05E388BCCE943E73DF2
6572lmc-1.2.39-win32.exeC:\Program Files (x86)\LAN Messenger\sounds\filedone.wavbinary
MD5:09B86DB836A6D16A6637740AB49185DF
SHA256:56103EEF3DA6D0870CE78A92609E2C37AF42EB558AFC7ED5968ABB1285BEA63D
6572lmc-1.2.39-win32.exeC:\Program Files (x86)\LAN Messenger\sounds\newfile.wavbinary
MD5:7CEDBCD7569AF53BBFA5BF70D55FCCA6
SHA256:58F4B7D80C9B9C1BA29EC463690EF4D33BCBBC730B8EED24C079AE6ED83A845E
6572lmc-1.2.39-win32.exeC:\Users\admin\AppData\Local\Temp\nskBA04.tmp\nsDialogs.dllexecutable
MD5:AB101F38562C8545A641E95172C354B4
SHA256:3CDF3E24C87666ED5C582B8B028C01EE6AC16D5A9B8D8D684AE67605376786EA
6572lmc-1.2.39-win32.exeC:\Program Files (x86)\LAN Messenger\lang\bg_BG.qmbinary
MD5:36E09762A084BE08C5D60B78DDE9FC48
SHA256:17BDD2BF7ACA4F5D100F4FBB550B696B9BD31E1FFF86F865514B9AB4DE7388C8
6572lmc-1.2.39-win32.exeC:\Program Files (x86)\LAN Messenger\lmc.exeexecutable
MD5:6CFE740BA0603B3DD2ADA4D893C26D8B
SHA256:F271D046FA8DD18DCA69E6BFB866D1802F81C6979C5C25555332DD5856736AF0
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
9
TCP/UDP connections
50
DNS requests
28
Threats
0

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
6792
SIHClient.exe
GET
200
23.218.209.163:80
http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Product%20Root%20Certificate%20Authority%202018.crl
unknown
whitelisted
4360
SearchApp.exe
GET
200
192.229.221.95:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ50otx%2Fh0Ztl%2Bz8SiPI7wEWVxDlQQUTiJUIBiV5uNu5g%2F6%2BrkS7QYXjzkCEA77flR%2B3w%2FxBpruV2lte6A%3D
unknown
whitelisted
4360
SearchApp.exe
GET
200
192.229.221.95:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTrjrydRyt%2BApF3GSPypfHBxR5XtQQUs9tIpPmhxdiuNkHMEWNpYim8S8YCEAI5PUjXAkJafLQcAAsO18o%3D
unknown
whitelisted
2776
svchost.exe
GET
200
192.229.221.95:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAJ0LqoXyo4hxxe7H%2Fz9DKA%3D
unknown
whitelisted
4360
SearchApp.exe
GET
200
192.229.221.95:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ50otx%2Fh0Ztl%2Bz8SiPI7wEWVxDlQQUTiJUIBiV5uNu5g%2F6%2BrkS7QYXjzkCEAUZZSZEml49Gjh0j13P68w%3D
unknown
whitelisted
6792
SIHClient.exe
GET
200
23.218.209.163:80
http://www.microsoft.com/pkiops/crl/Microsoft%20ECC%20Update%20Secure%20Server%20CA%202.1.crl
unknown
whitelisted
612
backgroundTaskHost.exe
GET
200
192.229.221.95:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ50otx%2Fh0Ztl%2Bz8SiPI7wEWVxDlQQUTiJUIBiV5uNu5g%2F6%2BrkS7QYXjzkCEAn5bsKVVV8kdJ6vHl3O1J0%3D
unknown
whitelisted
6944
svchost.exe
GET
200
23.48.23.143:80
http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
unknown
whitelisted
6944
svchost.exe
GET
200
23.218.209.163:80
http://www.microsoft.com/pkiops/crl/MicSecSerCA2011_2011-10-18.crl
unknown
whitelisted
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
4
System
192.168.100.255:137
whitelisted
5488
MoUsoCoreWorker.exe
4.231.128.59:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
6944
svchost.exe
4.231.128.59:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
864
RUXIMICS.exe
4.231.128.59:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
whitelisted
4
System
192.168.100.255:138
whitelisted
6944
svchost.exe
23.48.23.143:80
crl.microsoft.com
Akamai International B.V.
DE
whitelisted
6944
svchost.exe
23.218.209.163:80
www.microsoft.com
AKAMAI-AS
DE
whitelisted
5488
MoUsoCoreWorker.exe
51.124.78.146:443
settings-win.data.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
NL
whitelisted
4360
SearchApp.exe
104.126.37.171:443
www.bing.com
Akamai International B.V.
DE
whitelisted
4360
SearchApp.exe
192.229.221.95:80
ocsp.digicert.com
EDGECAST
US
whitelisted

DNS requests

Domain
IP
Reputation
settings-win.data.microsoft.com
  • 4.231.128.59
  • 51.124.78.146
whitelisted
google.com
  • 142.250.185.174
whitelisted
crl.microsoft.com
  • 23.48.23.143
  • 23.48.23.176
whitelisted
www.microsoft.com
  • 23.218.209.163
whitelisted
www.bing.com
  • 104.126.37.171
  • 104.126.37.170
  • 104.126.37.128
  • 104.126.37.137
  • 104.126.37.131
  • 104.126.37.160
  • 104.126.37.123
  • 104.126.37.130
  • 104.126.37.129
whitelisted
ocsp.digicert.com
  • 192.229.221.95
whitelisted
login.live.com
  • 40.126.31.67
  • 40.126.31.71
  • 20.190.159.2
  • 40.126.31.73
  • 20.190.159.71
  • 20.190.159.4
  • 40.126.31.69
  • 20.190.159.75
whitelisted
th.bing.com
  • 104.126.37.130
  • 104.126.37.179
  • 104.126.37.123
  • 104.126.37.129
  • 104.126.37.139
  • 104.126.37.186
  • 104.126.37.178
  • 104.126.37.144
  • 104.126.37.177
whitelisted
go.microsoft.com
  • 23.218.210.69
whitelisted
slscr.update.microsoft.com
  • 172.202.163.200
whitelisted

Threats

No threats detected
Process
Message
lmc.exe
libpng warning: iCCP: known incorrect sRGB profile
lmc.exe
QPixmap::scaled: Pixmap is a null pixmap
lmc.exe
libpng warning: iCCP: known incorrect sRGB profile
lmc.exe
QPixmap::scaled: Pixmap is a null pixmap
lmc.exe
libpng warning: iCCP: known incorrect sRGB profile
Interactive malware hunting service ANY.RUN
© 2017-2026 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
lmc-1.2.39-win32.exe