laplas | Installer[.]rar

General

Target

Installer.rar
Size

6.5MB
MD5

af390128b0596b01f325ddcbb15fafe9
SHA1

9680c0b3d08a3255f0a4854099eeebef6ec4f4e2
SHA256

cc0bf3d7b2df3c7364ecc48c5904bf76aff18a709c427b18355740defddbc132
SHA512

33858d41580541d4e9c94947ae310d525e6d33744f69cf7ba72bfb679a781519bef5c298f0736a8581a072fb745bba50cb2aa55f4fde9824a36a69c01b5fbcf2
SSDEEP

196608:u0HEib3sBiS1Z1KG6dubNlZc0o+KSb919yy5:3kicBiLzANwrYyy5

Score

10^/10

laplas

Malware Config

Extracted

Family

laplas

C2

clipper.guru

Attributes

api_key
7c941e2473f0cd4b83386ccc2b4da5d3f70cb52a7988666b9a0228a4df29fcd6

Signatures

Laplas family
laplas

Files

Installer.rar
.rar

Password: 12345
Installer/Setup.exe
.exe windows x86

Password: 12345

9cbefe68f395e67356e2a5d8d1b285c0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

WriteFile
WriteConsoleW
WaitForMultipleObjects
WaitForSingleObject
VirtualQuery
VirtualFree
VirtualAlloc
SwitchToThread
SuspendThread
SetWaitableTimer
SetUnhandledExceptionFilter
SetProcessPriorityBoost
SetEvent
SetErrorMode
SetConsoleCtrlHandler
ResumeThread
PostQueuedCompletionStatus
LoadLibraryA
LoadLibraryW
SetThreadContext
GetThreadContext
GetSystemInfo
GetSystemDirectoryA
GetStdHandle
GetQueuedCompletionStatusEx
GetProcessAffinityMask
GetProcAddress
GetEnvironmentStringsW
GetConsoleMode
FreeEnvironmentStringsW
ExitProcess
DuplicateHandle
CreateWaitableTimerExW
CreateThread
CreateIoCompletionPort
CreateFileA
CreateEventA
CloseHandle
AddVectoredExceptionHandler

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 213KB - Virtual size: 407KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 988B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.symtab
Size: 512B - Virtual size: 4B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Installer/libGLESv2.dll
Installer/updater.ini

Sharing

General

Malware Config

Extracted

Signatures

Files

Password: 12345

Password: 12345

9cbefe68f395e67356e2a5d8d1b285c0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 2.0MB - Virtual size: 2.0MB

.rdata Size: 1.5MB - Virtual size: 1.5MB

.data Size: 213KB - Virtual size: 407KB

.idata Size: 1024B - Virtual size: 988B

.reloc Size: 76KB - Virtual size: 76KB

.symtab Size: 512B - Virtual size: 4B

.text
Size: 2.0MB - Virtual size: 2.0MB

.rdata
Size: 1.5MB - Virtual size: 1.5MB

.data
Size: 213KB - Virtual size: 407KB

.idata
Size: 1024B - Virtual size: 988B

.reloc
Size: 76KB - Virtual size: 76KB

.symtab
Size: 512B - Virtual size: 4B