home

LC_Client.exe

L.C Loader

This is a setup program which is used to install the application. The file has been seen being downloaded from adfoc.us and multiple other hosts.
Product:
L.C Loader

Version:
1.0.3.1

MD5:
6119104b1ba098d079ec5eaea2eed8b5

SHA-1:
fdf91f0d741e17dd41a41b00afe15a483b4694aa

SHA-256:
a218a7fd7284a89d2e8a3c8a326e72ad0fd845e960226559ad3ea865dc6bc55d

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
11/14/2024 2:56:17 PM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
HW32.TsCabk
1.3.0.4959

Trend Micro House Call
TROJ_GEN.F47V0330
7.2.124

File size:
7.2 MB (7,515,136 bytes)

Product version:
1.0.3.1

Copyright:
L.C © Loader

Original file name:
LC_Client.exe

File type:
Executable application (Win32 EXE)

Language:
Italian (Italy)

Common path:
C:\users\{user}\downloads\lc_client.exe

File PE Metadata
Compilation timestamp:
3/29/2014 11:25:00 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
196608:n/OZJqY1t1I6kVdzrO1MyHQu6ghiyfeaej3QWCYWv:W3qY/1IR/O1Mm9rfhej3Q3

Entry address:
0x7C4619

Entry point:
68, BB, 51, 36, 89, 60, C7, 44, 24, 20, DB, 65, CC, EF, E9, 7A, EC, 00, 00, FF, 34, 24, C7, 44, 24, 28, DD, CB, FD, 4B, FF, 74, 24, 04, 51, 66, 89, 4C, 24, 10, FF, 74, 24, 04, 8D, 64, 24, 34, E9, E8, 33, 72, 00, 88, 5C, 24, 0C, 8D, 7F, 01, E9, 43, E6, 71, 00, 60, 9C, 8D, 4C, 49, 0A, C6, 44, 24, 08, 94, 8D, 64, 24, 40, E9, D7, AD, 71, 00, AD, 5B, 0A, 86, E3, 6F, 9C, 88, 7F, 32, 34, 1E, 07, 81, 95, F1, 90, 1C, 59, D5, 9C, 10, 51, DD, 9C, 10, 6D, E1, 8C, 00, 5D, D1, 88, 04, 61, ED, A4, 28, FB, 08, D5, 3C, 07...
 
[+]

Entropy:
7.9993  (probably packed)

Code size:
384 KB (393,216 bytes)

The file LC_Client.exe has been seen being distributed by the following 5 URLs.

http://adfoc.us/serve/.../?id=21835939221656&servehash=00000154891398604838&timestamp=1398604838

http://adfoc.us/serve/.../?id=21835939221656&servehash=00000740691397845376&timestamp=1397845376

http://adfoc.us/serve/.../?id=21835939221656&servehash=00000951951397845104&timestamp=1397845104

http://loadedcheats.net/loaderdownload.php

http://adfoc.us/serve/.../?id=21835939221656&servehash=00000356871397130861&timestamp=1397130861

Scan LC_Client.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.