laplas | 8c77759eff69330a5c9697d05e2a0f99c6edff904bdd52a048df0461d0459b27 | Triage

Resubmissions

24-11-2022 16:33

221124-t22ndsaf9t 10

02-11-2022 14:52

221102-r8qhlacbgq 8

Sharing

General

Target

6738634d9b3bfcf7ebca8be48c091b3e.exe
Size

4.8MB
Sample

221124-t22ndsaf9t
MD5

6738634d9b3bfcf7ebca8be48c091b3e
SHA1

f08091a4b3f5c167bcdfa565584bed8ed2a69f0c
SHA256

8c77759eff69330a5c9697d05e2a0f99c6edff904bdd52a048df0461d0459b27
SHA512

c8e6f3dd4c7de4c9a54278a398d096aabf8391a8a92484eb2a8e74d6d288d8b066e967916645e2aaec53fb4c8c3ac9f1cbd0fc01c1b828a1a742af3bc57aaaf5
SSDEEP

49152:cAMzHHGxBRJHrcFFmJAhaShRgxuMY8qa9vjTIt0IEqYjla27/BS5g+A:bMjGxBQFFmJA3Foq+vOEdZZ+A

Score

10^/10

laplas stealer

Malware Config

Extracted

Family

laplas

C2

clipper.guru

Attributes

api_key
0f183cb4288647960d1c458ed8456bf6524ebfbc16ebc53caab66c2376fd0eef

Targets

- Target
  
  6738634d9b3bfcf7ebca8be48c091b3e.exe
- Size
  
  4.8MB
- MD5
  
  6738634d9b3bfcf7ebca8be48c091b3e
- SHA1
  
  f08091a4b3f5c167bcdfa565584bed8ed2a69f0c
- SHA256
  
  8c77759eff69330a5c9697d05e2a0f99c6edff904bdd52a048df0461d0459b27
- SHA512
  
  c8e6f3dd4c7de4c9a54278a398d096aabf8391a8a92484eb2a8e74d6d288d8b066e967916645e2aaec53fb4c8c3ac9f1cbd0fc01c1b828a1a742af3bc57aaaf5
- SSDEEP
  
  49152:cAMzHHGxBRJHrcFFmJAhaShRgxuMY8qa9vjTIt0IEqYjla27/BS5g+A:bMjGxBQFFmJA3Foq+vOEdZZ+A
Score

10^/10

laplas stealer
- Laplas Clipper
  Laplas is a crypto wallet stealer with two variants written in Golang and C#.
  stealer laplas
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2