laplas | 8c77759eff69330a5c9697d05e2a0f99c6edff904bdd52a048df0461d0459b27 | Triage

Resubmissions

24-11-2022 16:33

221124-t22ndsaf9t 10

02-11-2022 14:52

221102-r8qhlacbgq 8

Sharing

General

Target

6738634d9b3bfcf7ebca8be48c091b3e.exe
Size

4.8MB
Sample

221124-t22ndsaf9t
MD5

6738634d9b3bfcf7ebca8be48c091b3e
SHA1

f08091a4b3f5c167bcdfa565584bed8ed2a69f0c
SHA256

8c77759eff69330a5c9697d05e2a0f99c6edff904bdd52a048df0461d0459b27
SHA512

c8e6f3dd4c7de4c9a54278a398d096aabf8391a8a92484eb2a8e74d6d288d8b066e967916645e2aaec53fb4c8c3ac9f1cbd0fc01c1b828a1a742af3bc57aaaf5
SSDEEP

49152:cAMzHHGxBRJHrcFFmJAhaShRgxuMY8qa9vjTIt0IEqYjla27/BS5g+A:bMjGxBQFFmJA3Foq+vOEdZZ+A

Score

10^/10

laplas stealer

Malware Config

Extracted

Family

laplas

C2

clipper.guru

Attributes

api_key
0f183cb4288647960d1c458ed8456bf6524ebfbc16ebc53caab66c2376fd0eef

Targets

- Target
  
  6738634d9b3bfcf7ebca8be48c091b3e.exe
- Size
  
  4.8MB
- MD5
  
  6738634d9b3bfcf7ebca8be48c091b3e
- SHA1
  
  f08091a4b3f5c167bcdfa565584bed8ed2a69f0c
- SHA256
  
  8c77759eff69330a5c9697d05e2a0f99c6edff904bdd52a048df0461d0459b27
- SHA512
  
  c8e6f3dd4c7de4c9a54278a398d096aabf8391a8a92484eb2a8e74d6d288d8b066e967916645e2aaec53fb4c8c3ac9f1cbd0fc01c1b828a1a742af3bc57aaaf5
- SSDEEP
  
  49152:cAMzHHGxBRJHrcFFmJAhaShRgxuMY8qa9vjTIt0IEqYjla27/BS5g+A:bMjGxBQFFmJA3Foq+vOEdZZ+A
Score

10^/10

laplas stealer
- Laplas Clipper
  Laplas is a crypto wallet stealer with two variants written in Golang and C#.
  stealer laplas
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2