laplas | b325afb572d93b6a5735b0cce16d58502dae4d230267e621dbfb638a851dc027 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

B325AFB572D93B6A5735B0CCE16D58502DAE4D230267E.exe
Size

4.8MB
Sample

230112-hs8jssbb8t
MD5

d794ced98cc854d40aea782d1b4d7d38
SHA1

c9661fdc1b6e153ca5580dde7268ff00c190662b
SHA256

b325afb572d93b6a5735b0cce16d58502dae4d230267e621dbfb638a851dc027
SHA512

d723a815317cf9635da127fc5222aaf660ea32fbfba1e93958f4a1fd54ba57b14967f3d0db1edc233e6ec56bec19725f15789329cbd8cd2980cb7d5287b5072c
SSDEEP

49152:UAMaCSGxtRJHK5V1m5gBaShRgpVMYhYzFvK94++mbtXTC60H96S5g+A:zMgGxtsV1m5gXOlYxvGb1+q+A

Score

10^/10

laplas stealer

Malware Config

Extracted

Family

laplas

C2

clipper.guru

Attributes

api_key
55f26cb161471271cd1c6203986595abd019967860dd39d347cf86e5c307b363

Targets

- Target
  
  B325AFB572D93B6A5735B0CCE16D58502DAE4D230267E.exe
- Size
  
  4.8MB
- MD5
  
  d794ced98cc854d40aea782d1b4d7d38
- SHA1
  
  c9661fdc1b6e153ca5580dde7268ff00c190662b
- SHA256
  
  b325afb572d93b6a5735b0cce16d58502dae4d230267e621dbfb638a851dc027
- SHA512
  
  d723a815317cf9635da127fc5222aaf660ea32fbfba1e93958f4a1fd54ba57b14967f3d0db1edc233e6ec56bec19725f15789329cbd8cd2980cb7d5287b5072c
- SSDEEP
  
  49152:UAMaCSGxtRJHK5V1m5gBaShRgpVMYhYzFvK94++mbtXTC60H96S5g+A:zMgGxtsV1m5gXOlYxvGb1+q+A
Score

10^/10

laplas stealer
- Laplas Clipper
  Laplas is a crypto wallet stealer with two variants written in Golang and C#.
  stealer laplas
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2