laplas | 876e6f8cecf5d23d21e11a3a459357c763807614ba7d4ecee9c0537b5936da04 | Triage

Resubmissions

24-11-2022 16:34

221124-t26x4sfd96 10

03-11-2022 08:46

221103-kpa58sagaj 8

Sharing

General

Target

80750ddfb5cfe9eb8e2adac60f372534.exe
Size

4.8MB
Sample

221124-t26x4sfd96
MD5

80750ddfb5cfe9eb8e2adac60f372534
SHA1

a720efe2b3ef7735efd77de698a5576b36068d07
SHA256

876e6f8cecf5d23d21e11a3a459357c763807614ba7d4ecee9c0537b5936da04
SHA512

bf4100fc99282c91ec03c8c234d320321e21e5e4120c45c2cd5cfeaffcf07d4e67143e61407b570448bea16b44ed0bf7ad720e61ca2ae5d30d804c5fc8266d6f
SSDEEP

49152:RAM2vrGxtRJHHc1RmqAhaShRgdGMYYqWxvdTBB0IEqYjla27EdS5g+A:mMgGxtU1RmqA3xsquvPEdZi+A

Score

10^/10

laplas stealer

Malware Config

Extracted

Family

laplas

C2

clipper.guru

Attributes

api_key
f0cd0c3938331a84425c6e784f577ccd87bb667cfdb44cc24f97f402ac5e15b7

Targets

- Target
  
  80750ddfb5cfe9eb8e2adac60f372534.exe
- Size
  
  4.8MB
- MD5
  
  80750ddfb5cfe9eb8e2adac60f372534
- SHA1
  
  a720efe2b3ef7735efd77de698a5576b36068d07
- SHA256
  
  876e6f8cecf5d23d21e11a3a459357c763807614ba7d4ecee9c0537b5936da04
- SHA512
  
  bf4100fc99282c91ec03c8c234d320321e21e5e4120c45c2cd5cfeaffcf07d4e67143e61407b570448bea16b44ed0bf7ad720e61ca2ae5d30d804c5fc8266d6f
- SSDEEP
  
  49152:RAM2vrGxtRJHHc1RmqAhaShRgdGMYYqWxvdTBB0IEqYjla27EdS5g+A:mMgGxtU1RmqA3xsquvPEdZi+A
Score

10^/10

laplas stealer
- Laplas Clipper
  Laplas is a crypto wallet stealer with two variants written in Golang and C#.
  stealer laplas
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2