General

Target: LANcetChat-Installer.msi
Size: 42.4MB
Sample: 240313-mw3j6sbc9s
MD5: 472782de132afa90060b44aef121fc8e
SHA1: bc32c5ff69c8cf5eb0cd4af046ce202e1c68140c
SHA256: ec1b6294a2f74cfcd017ae619f95f33cb44022bc1cc1e47b52c4e1bfeb1e3f29
SHA512: 9b5b636c7b3a474dd08050bbbf3be9a1741d8a9a153c217f2ef23833679cf64c52cd930c6d3632d4913e106ca002574aaa987ceea25031d4bc4c754df22bf901
SSDEEP: 786432:nlUcyQtNtEnHNVtRyBmH1UUWp/sxdJBt454iLWDswnvfP9uJF3Li8dY:n2crLSNC8WJpEW+AwnHP9uri

Static task: static1

Behavioral task: behavioral1
Sample: LANcetChat-Installer.msi
Resource: win10-20240221-en

Behavioral task: behavioral2
Sample: LANcetChat-Installer.msi
Resource: macos-20240214-en

Malware Config
Targets
Target: LANcetChat-Installer.msi
Score: 9/10

Identifies VirtualBox via ACPI registry values (likely anti-VM)

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Blocklisted process makes network request

Drops desktop.ini file(s)

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.

Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.

Drops file in System32 directory

Suspicious use of NtSetInformationThreadHideFromDebugger