fe8f09e2d059dd456a26796e8932959e175eb3a9e7acc89acf5d7572a67dbad8

Sharing

Copy URL

Twitter E-mail

General

Target

lc.zip
Size

221.6MB
Sample

240802-vrf5daxdmh
MD5

5d9608cd2fde909c2486cb363ac5a3a3
SHA1

20e29ad34f0edf6750cd2444344a075a2228bf0a
SHA256

fe8f09e2d059dd456a26796e8932959e175eb3a9e7acc89acf5d7572a67dbad8
SHA512

de09e6db66693c9c1dba26fb1bd3d19a5393563554a94c4ca0e70855401f578c142b734c657b398997af3804d5669209b114f5bc2c9eb787d7650e51983dac3a
SSDEEP

6291456:sTncU2IKOeJ95ZFehT5vmB3B56QymctwL7qW2nEnA:sTncU2hOgZFenoLy0L7HNnA

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  lc/analysers/obj/Release/netstandard2.1/analysers.dll
- Size
  
  14KB
- MD5
  
  2af53e909a9249816cb081168899f3d0
- SHA1
  
  86d6ff948c1802373d0949141ba2679de57fbbcc
- SHA256
  
  142b43a97abafa8411952239a0f02d0dada3a47c3b3dd78785aae078b87dc7cc
- SHA512
  
  c92e63beb2e9419ee3fa13ee4736a57ec1fefdab3f7df7b1291242f2b9a4c32c998b7e62c46d50c83265a487293c0a7adc8dcd2038ec0f9c2708af433ffe6b96
- SSDEEP
  
  384:OwGtvklcWYrxkqKKPQli2KnHx8AgtI7HbT8KftQnN:Olt0YrxJFPQo2KnR8D8g3
Score

1^/10
behavioral1 behavioral2
- Target
  
  lc/bin/analysers.dll
- Size
  
  14KB
- MD5
  
  2af53e909a9249816cb081168899f3d0
- SHA1
  
  86d6ff948c1802373d0949141ba2679de57fbbcc
- SHA256
  
  142b43a97abafa8411952239a0f02d0dada3a47c3b3dd78785aae078b87dc7cc
- SHA512
  
  c92e63beb2e9419ee3fa13ee4736a57ec1fefdab3f7df7b1291242f2b9a4c32c998b7e62c46d50c83265a487293c0a7adc8dcd2038ec0f9c2708af433ffe6b96
- SSDEEP
  
  384:OwGtvklcWYrxkqKKPQli2KnHx8AgtI7HbT8KftQnN:Olt0YrxJFPQo2KnR8D8g3
Score

1^/10
behavioral3 behavioral4
- Target
  
  lc/bin/lc-hax.dll
- Size
  
  3.2MB
- MD5
  
  158cc62cd5216ff4c3977236288295ea
- SHA1
  
  b6eaa344af6f7cd0f7d99472b2245706257297c9
- SHA256
  
  a45608ca27ea90e05a271c9b1acfb80ed974b3dca50f76c49a9ff795c27853ba
- SHA512
  
  e286c41e72e6099bc14cd656ce5b48250b4286d4ce1ed43317734bcd62742a1b0bcf2a1d423effe061eb754890180dc451782d4841411a2e76330e508c8d043d
- SSDEEP
  
  24576:UvgabB97DqxNcckUU2/LuBVKzW2jMDLL8QLpUch15R8rfsNU6BmxgthyFHAyBpbd:UNBdPczUCQjZBXR4ENknJ/BLj
Score

1^/10
behavioral5 behavioral6
- Target
  
  lc/launch-dev.bat
- Size
  
  265B
- MD5
  
  f1977ea6e10f9d581e8e7bfed3e3b875
- SHA1
  
  7bb8be82f46228f7a4a6c48258a0584554f8f80f
- SHA256
  
  b381dcb457418c55193872bfe471fc13852c4943ed63d78d095d5493ff731ce1
- SHA512
  
  580de554ac30a59033c98a3fafc53fbe2e0f721b8b078e5fedd86ef85df2bb3f284520e49e033a72004c21854ada0932fc92ccd56b4fe43f5876cec40a662f26
Score

7^/10

discovery
- Loads dropped DLL
- Network Service Discovery
  Attempt to gather information on host's network.
  discovery
behavioral7 behavioral8
- Target
  
  lc/launch.bat
- Size
  
  65B
- MD5
  
  f5db95aa72a8d8db489c48678c6d27d9
- SHA1
  
  3ff379b0ccf65b886c8c500f84bd2faf74a33c63
- SHA256
  
  cb54c5185246eaccfc342b576a09119d0b0f93f558fdf78e7b99da2eaccb54cb
- SHA512
  
  4f88669a795f0e37d62e8711237e7a078d24431b8b67c201ee9486b1575772e9d69c64039bb86988402104f153b290d9deecf0c56e08dda1f39a612c417421cd
Score

7^/10

discovery
- Loads dropped DLL
- Network Service Discovery
  Attempt to gather information on host's network.
  discovery
behavioral10 behavioral9
- Target
  
  lc/lc-hax/References/Assembly-CSharp-firstpass.dll
- Size
  
  383KB
- MD5
  
  796a1a26656e5a4804ca90f60424b52e
- SHA1
  
  8511fe5203b5019cdcf36bd2933554e89f53d628
- SHA256
  
  c6e28f885d62340863d76426df9190eed1c8c97bb74b4ba122c439573e2b753f
- SHA512
  
  c734c080e146306adec4f36eef98fb2ca38797a787c4365bc8519de7e4627157d01722c32e978ce0e020abb59c550d3a2f19e37918a4606aab6877e71d4ac67f
- SSDEEP
  
  6144:kWAoL6yw0WbYUV20wNs+Lci8VCGqFh+Af3Q3DTdOtHZoqN7O40fC7jN5y+vR48XF:kIQiOiF8VCG3NOtHXNS4MC/J
Score

1^/10
behavioral11 behavioral12
- Target
  
  lc/lc-hax/References/Assembly-CSharp.dll
- Size
  
  1.6MB
- MD5
  
  e2c1fdb4ac8390a571b39405ff5eadcb
- SHA1
  
  8c569f96b21e314f06f2a87cd4e546a3f572da73
- SHA256
  
  a6b2633fe729b9c147466cd4a92168872ef789620eb29ff723a33937837ac9b0
- SHA512
  
  243eab692d7777e5b7ef6b3e9983d86d46080e1dc8276bae1e8a41a4b0c80a451f2a1cae109f0b6737f8964265159b667e2dac46e451232d4073a70976fcd519
- SSDEEP
  
  49152:dXmd9PHgDfgorLABrqkl7b3Iu/r5GMN8wSDR3QrSC:xm3PHgDfgorLABrqkl7zIV
Score

1^/10
behavioral13 behavioral14
- Target
  
  lc/lc-hax/References/DissonanceVoip.dll
- Size
  
  290KB
- MD5
  
  d27ed0d06430779c036d3ddf3115a6e5
- SHA1
  
  d0a9534b4e91bccde619c2d0b966a641fddb462d
- SHA256
  
  b3018a0a795e31034d75bb672db0102c799b1b763962a9c69b7d960fe99d24f3
- SHA512
  
  8cd3214918afae4ca57f6092b12db435131e1a383d94381393cf73d6631b41b7604905dbf9248dbd34837a9716b6b286c5fc650788b29b6ac5d60ac0dc88862a
- SSDEEP
  
  6144:woG/DQXCg0e43xFLBXCBtLwPBGX/F0zU00vEALB:woG/DQSg0e4BV+XEU00MA
Score

1^/10
behavioral15 behavioral16
- Target
  
  lc/lc-hax/References/Facepunch.Steamworks.Win64.dll
- Size
  
  534KB
- MD5
  
  9b6881f3af33f662ee9a2a8f07016b98
- SHA1
  
  06e4b53d3d7177d2465c9f53e7881a8c4cfb8ac0
- SHA256
  
  7f4e025564e9b2dd6ac248727b37c9767212c567b18a422629256737524d23b8
- SHA512
  
  39bf3ffa5456db92f5d44c78764efc6cdc5a4c52e7493a1a1940dbbcf4268120538b0b86db3ccdbf9cc3453b11ef3d6827db4fa38ce18968f38829a1e600253e
- SSDEEP
  
  12288:4dMCyDIDge2t7yOcEXJ5HfuhftgUT2lCeamE:sVDge2t7JJ5/2ftgUT2lCeamE
Score

1^/10
behavioral17 behavioral18
- Target
  
  lc/lc-hax/References/NuGet/fsharp.core/4.5.2/lib/net45/FSharp.Core.dll
- Size
  
  2.6MB
- MD5
  
  a80e2b565c2f5c254fd6ad337c61b2eb
- SHA1
  
  5ab71f169a63ac1af2d65c33171a3d7c9805258e
- SHA256
  
  f23c15d8aff7400218fb0e2157135b0134b060607b1a48cbcaff52b9ae12ac49
- SHA512
  
  24e8f678e62825c79c3a1e1ae8dcedc50eb8dfc14cfe2ac3e2ac49849d8f438c93a9738e211f6dcadbc4afd2af06a5fc74c9a523e7816600955be7b18a229e27
- SSDEEP
  
  24576:akzqyV8feQfdH0lCig+o8LMVnVIozJ8sx/MYmu2mJCOf08f4oX:akzqyVceQfdSgOYosf0C
Score

1^/10
behavioral19 behavioral20
- Target
  
  lc/lc-hax/References/NuGet/fsharp.core/4.5.2/lib/net45/FSharp.Core.resources.dll
- Size
  
  21KB
- MD5
  
  74afd0d6c293c8b614f2cc30628fd1df
- SHA1
  
  0c8390822d10980c132c075eee9f6567faadd32e
- SHA256
  
  c63c49773f5d2095507068c6a3812cefea58ec11f6dcab21442b62dd6f67e3b1
- SHA512
  
  2452fe8a005c97528cad68dcdb6f5d874b2478e96821d56260d33ad58e15f9e4e39c10b7fd5418ba17e05687deb34cab69f0ae8e3607858f0f402c484ae12633
- SSDEEP
  
  384:HQvGFbftvqr6LLrn5vDqFqQYLe48OdYTrtW0T4DSr9i8g4R63jhUTaTtpKZWQgW:HkCftvcoioqr9i8K8N
Score

1^/10
behavioral21 behavioral22
- Target
  
  lc/lc-hax/References/NuGet/fsharp.core/4.5.2/lib/net45/cs/FSharp.Core.resources.dll
- Size
  
  40KB
- MD5
  
  25c9662b70cff94e84697e09d70a3d52
- SHA1
  
  8a4f5b362e7e25386cba37063415599eca410659
- SHA256
  
  7b01557cd6ff0ab288a952031a4db24dbb0d70fae50f92559ac8171eb60dce00
- SHA512
  
  d07e81f5ef79c0794dfdc7589f7285afa2afae6b717eb22041b6f8321c72765051b3b8261922edbd2564c80ce397e193714c55bbb2daba0f2c78acbe607d6a22
- SSDEEP
  
  768:Z11Qf/d+5faKbgpUJCHsRm7DnzQ1gl5CTiSLd:Jo/I4Kbgif0nzQ1eERd
Score

1^/10
behavioral23 behavioral24
- Target
  
  lc/lc-hax/References/NuGet/fsharp.core/4.5.2/lib/net45/de/FSharp.Core.resources.dll
- Size
  
  41KB
- MD5
  
  84c00c8391e41ca7262f0365c55c7dc6
- SHA1
  
  673952c62e654e2710a5added73bb40cad993026
- SHA256
  
  977b354d38d3063ea4b5a183533f0fff01e1048f705819a4ffc4342a16af9142
- SHA512
  
  7b4f48eb02c9f5b4d6d39491f914cd84aff2b95a7e8ee719a4e391a977f9b5529b85fa8e08e2d8f104fd7d0c4b8bb1d9be4bdc5c2f01739ab0b1cfb510dca6bf
- SSDEEP
  
  384:vMvGiflHNR5jYDMB2rAdRjXNPia76EgKgsPHBHIVWQgWhkimuT+quY0GftpBj5LX:IFflUQ2rAjj9PFD7PHBoZ3CTi7tuL3i1
Score

1^/10
behavioral25 behavioral26
- Target
  
  lc/lc-hax/References/NuGet/fsharp.core/4.5.2/lib/net45/en/FSharp.Core.resources.dll
- Size
  
  38KB
- MD5
  
  5ab323cacb2fab631739ee445209c688
- SHA1
  
  386be723658a44df1d07712437c1c9b3395134ac
- SHA256
  
  0824289e2bd6343134deb6e7679f5b5f20a3bb7e31d0ef615f94808fe4fc7d66
- SHA512
  
  78b3f55098bb18fc7ccb67a06efb5a63b6fcec79b57cddc6b8127e932cfc0d9d9d1eccad21f71ebd47aff236a8c91d1184db24f8a26e73a1c9ea88740b608495
- SSDEEP
  
  384:1vG7fQBFsJCVRyODw26Li4UyJvf889bWQgWWSOmuT+quY0GftpBjC2waQHRN73a/:BkfMai4UyJvt3NOCTiovL3aFLpMS
Score

1^/10
behavioral27 behavioral28
- Target
  
  lc/lc-hax/References/NuGet/fsharp.core/4.5.2/lib/net45/es/FSharp.Core.resources.dll
- Size
  
  40KB
- MD5
  
  e0360210b25e8dc6880fa7085978b7a8
- SHA1
  
  c63480537d97b9eb92e598fd34e519b37a486b2b
- SHA256
  
  3b16d196eeff0e69c3cc9bbb76b84c0bd95972a440822bc1c0321386cd1578e2
- SHA512
  
  d7c71338145d61443576612ceb51593cd4ec6a3676eee45032fd17337a2ad9d216b30cdf5275d9d0d7ff2c155ffdae82d933697b7dfcb2e0623686cc00912ecd
- SSDEEP
  
  768:vmifyFjh9Ogh7uYukostajQU1nrgPjNjS2ewb/CTiSWLS:+ayv8gh7uYukostajQU1nUPjN5b/ElMS
Score

1^/10
behavioral29 behavioral30
- Target
  
  lc/lc-hax/References/NuGet/fsharp.core/4.5.2/lib/net45/fr/FSharp.Core.resources.dll
- Size
  
  40KB
- MD5
  
  d7e76c91e6f45a4121367cb3ffaf78e3
- SHA1
  
  0b634dd21610a4720be3fa31d9d53983c211b428
- SHA256
  
  eb332816ebc355e95a944137e9241ee5c38717fc4343a020b282f31a7143c78a
- SHA512
  
  cdd8a1d6d2e875ac446dcb7013b4323c9f2ca91bd5d41e201cd62580c18e5a981d1eefed6ec075ec2f3f2af689ec079f72eb88f2b009b32a0b1897a23c83fdba
- SSDEEP
  
  384:yVvGmfhaMJWaeDo0svqNej6dJN36oqnOt2p1cnBYoXMtzRKm+0WQgW+lFmuT+quE:e9fhO4j6dJ+Ra+gFCTi7XLbM8
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

T1046

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Network Service Discovery

Loads dropped DLL

Network Service Discovery

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32