Resubmissions

24-11-2022 16:33

221124-t22ndsaf9t 10

02-11-2022 14:52

221102-r8qhlacbgq 8

General

  • Target

    6738634d9b3bfcf7ebca8be48c091b3e.exe

  • Size

    4MB

  • Sample

    221124-t22ndsaf9t

  • MD5

    6738634d9b3bfcf7ebca8be48c091b3e

  • SHA1

    f08091a4b3f5c167bcdfa565584bed8ed2a69f0c

  • SHA256

    8c77759eff69330a5c9697d05e2a0f99c6edff904bdd52a048df0461d0459b27

  • SHA512

    c8e6f3dd4c7de4c9a54278a398d096aabf8391a8a92484eb2a8e74d6d288d8b066e967916645e2aaec53fb4c8c3ac9f1cbd0fc01c1b828a1a742af3bc57aaaf5

  • SSDEEP

    49152:cAMzHHGxBRJHrcFFmJAhaShRgxuMY8qa9vjTIt0IEqYjla27/BS5g+A:bMjGxBQFFmJA3Foq+vOEdZZ+A

Score
10/10

Malware Config

Extracted

Family

laplas

C2

clipper.guru

Attributes
api_key
0f183cb4288647960d1c458ed8456bf6524ebfbc16ebc53caab66c2376fd0eef

Targets

    • Target

      6738634d9b3bfcf7ebca8be48c091b3e.exe

    • Size

      4MB

    • MD5

      6738634d9b3bfcf7ebca8be48c091b3e

    • SHA1

      f08091a4b3f5c167bcdfa565584bed8ed2a69f0c

    • SHA256

      8c77759eff69330a5c9697d05e2a0f99c6edff904bdd52a048df0461d0459b27

    • SHA512

      c8e6f3dd4c7de4c9a54278a398d096aabf8391a8a92484eb2a8e74d6d288d8b066e967916645e2aaec53fb4c8c3ac9f1cbd0fc01c1b828a1a742af3bc57aaaf5

    • SSDEEP

      49152:cAMzHHGxBRJHrcFFmJAhaShRgxuMY8qa9vjTIt0IEqYjla27/BS5g+A:bMjGxBQFFmJA3Foq+vOEdZZ+A

    Score
    10/10
    • Laplas Clipper

      Laplas is a crypto wallet stealer with two variants written in Golang and C#.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Matrix

Collection

    Command and Control

      Credential Access

        Defense Evasion

          Discovery

            Execution

              Exfiltration

                Impact

                  Initial Access

                    Lateral Movement

                      Persistence

                      Privilege Escalation

                        Tasks