laplas | fc8db07536652808292ddca99645f2e64431baf7f72ba1a8d358229e16fafbd8 | Triage

Resubmissions

24-11-2022 16:38

221124-t5ggmaah3y 10

18-11-2022 10:14

221118-l9yygada6s 10

05-11-2022 01:50

221105-b88feacgc8 8

Sharing

General

Target

svcupdater.exe
Size

4.8MB
Sample

221124-t5ggmaah3y
MD5

cd4ac234ee1c9fca552d11ff31b9c5cc
SHA1

e3448c185bdf0e0a0859f2b28d1b5f28c38a0064
SHA256

fc8db07536652808292ddca99645f2e64431baf7f72ba1a8d358229e16fafbd8
SHA512

d07048d1359350c9913d2727cb40969383eaca0593b7395d2c51435e0defaa91f4c95f038bb1877847d520efa0150359860036f6e6e1c3e2ece24bc4ff8c6b9f
SSDEEP

49152:tAM3CiGxBRJHy51FmJgBaShRgd5MYh43VvATtg0IEqYjla27VdS5g+A:aMLGxBk1FmJgX2l4lv3EdZv+A

Score

10^/10

laplas stealer

Malware Config

Extracted

Family

laplas

C2

clipper.guru

Attributes

api_key
79af1e5a26dc8ad71542cfa94bd6c11764fd9f9531b1e509278be5b87528ae46

Targets

- Target
  
  svcupdater.exe
- Size
  
  4.8MB
- MD5
  
  cd4ac234ee1c9fca552d11ff31b9c5cc
- SHA1
  
  e3448c185bdf0e0a0859f2b28d1b5f28c38a0064
- SHA256
  
  fc8db07536652808292ddca99645f2e64431baf7f72ba1a8d358229e16fafbd8
- SHA512
  
  d07048d1359350c9913d2727cb40969383eaca0593b7395d2c51435e0defaa91f4c95f038bb1877847d520efa0150359860036f6e6e1c3e2ece24bc4ff8c6b9f
- SSDEEP
  
  49152:tAM3CiGxBRJHy51FmJgBaShRgd5MYh43VvATtg0IEqYjla27VdS5g+A:aMLGxBk1FmJgX2l4lv3EdZv+A
Score

10^/10

laplas stealer
- Laplas Clipper
  Laplas is a crypto wallet stealer with two variants written in Golang and C#.
  stealer laplas
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2