Source: C:\Program Files (x86)\LST Server\LST_Server.exe
Code function: 5_2_0021E746 select,recv,WSAGetLastError,
DNS traffic detected: queries for: checkip.
#Lst server download#
70 216.146.43.70
Contains functionality to download additional files from the internet
#Lst server code#
Uses code obfuscation techniques (call, push, ret)
Stores files to the Windows start menu directory
Sample file is different than original file name gathered from version info
#Lst server serial number#
Queries the volume information (name, serial number etc) of a device
PE file contains executable resources (Code or Archives)
IP address seen in connection with other malware
Contains functionality to call native functions
Contains functionality to dynamically determine API calls
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Contains functionality to retrieve information about pressed keystrokes
Contains functionality to shutdown / reboot the system
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Found dropped PE file which has not been started or loaded
Found potential string decryption / allocating functions
May check the online IP address of the machine
Antivirus or Machine Learning detection for unpacked file
Contains functionality for execution timing, often used to detect debuggers
Contains functionality locales information (e.g. system language)