laplas | fc8db07536652808292ddca99645f2e64431baf7f72ba1a8d358229e16fafbd8 | Triage

Resubmissions

24-11-2022 16:38

221124-t5ggmaah3y 10

18-11-2022 10:14

221118-l9yygada6s 10

05-11-2022 01:50

221105-b88feacgc8 8

Sharing

General

Target

svcupdater.exe
Size

4.8MB
Sample

221124-t5ggmaah3y
MD5

cd4ac234ee1c9fca552d11ff31b9c5cc
SHA1

e3448c185bdf0e0a0859f2b28d1b5f28c38a0064
SHA256

fc8db07536652808292ddca99645f2e64431baf7f72ba1a8d358229e16fafbd8
SHA512

d07048d1359350c9913d2727cb40969383eaca0593b7395d2c51435e0defaa91f4c95f038bb1877847d520efa0150359860036f6e6e1c3e2ece24bc4ff8c6b9f
SSDEEP

49152:tAM3CiGxBRJHy51FmJgBaShRgd5MYh43VvATtg0IEqYjla27VdS5g+A:aMLGxBk1FmJgX2l4lv3EdZv+A

Score

10^/10

laplas stealer

Malware Config

Extracted

Family

laplas

C2

clipper.guru

Attributes

api_key
79af1e5a26dc8ad71542cfa94bd6c11764fd9f9531b1e509278be5b87528ae46

Targets

- Target
  
  svcupdater.exe
- Size
  
  4.8MB
- MD5
  
  cd4ac234ee1c9fca552d11ff31b9c5cc
- SHA1
  
  e3448c185bdf0e0a0859f2b28d1b5f28c38a0064
- SHA256
  
  fc8db07536652808292ddca99645f2e64431baf7f72ba1a8d358229e16fafbd8
- SHA512
  
  d07048d1359350c9913d2727cb40969383eaca0593b7395d2c51435e0defaa91f4c95f038bb1877847d520efa0150359860036f6e6e1c3e2ece24bc4ff8c6b9f
- SSDEEP
  
  49152:tAM3CiGxBRJHy51FmJgBaShRgd5MYh43VvATtg0IEqYjla27VdS5g+A:aMLGxBk1FmJgX2l4lv3EdZv+A
Score

10^/10

laplas stealer
- Laplas Clipper
  Laplas is a crypto wallet stealer with two variants written in Golang and C#.
  stealer laplas
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2