laplas | B325AFB572D93B6A5735B0CCE16D58502DAE4D230267E[.]exe

General

Target

B325AFB572D93B6A5735B0CCE16D58502DAE4D230267E.exe
Size

4.8MB
MD5

d794ced98cc854d40aea782d1b4d7d38
SHA1

c9661fdc1b6e153ca5580dde7268ff00c190662b
SHA256

b325afb572d93b6a5735b0cce16d58502dae4d230267e621dbfb638a851dc027
SHA512

d723a815317cf9635da127fc5222aaf660ea32fbfba1e93958f4a1fd54ba57b14967f3d0db1edc233e6ec56bec19725f15789329cbd8cd2980cb7d5287b5072c
SSDEEP

49152:UAMaCSGxtRJHK5V1m5gBaShRgpVMYhYzFvK94++mbtXTC60H96S5g+A:zMgGxtsV1m5gXOlYxvGb1+q+A

Score

10^/10

laplas

Malware Config

Extracted

Family

laplas

C2

clipper.guru

Attributes

api_key
55f26cb161471271cd1c6203986595abd019967860dd39d347cf86e5c307b363

Signatures

Laplas family
laplas

Files

B325AFB572D93B6A5735B0CCE16D58502DAE4D230267E.exe
.exe windows x64

93a138801d9601e4c36e6274c8b9d111

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

WriteFile
WriteConsoleW
WaitForMultipleObjects
WaitForSingleObject
VirtualQuery
VirtualFree
VirtualAlloc
SwitchToThread
SuspendThread
SetWaitableTimer
SetUnhandledExceptionFilter
SetProcessPriorityBoost
SetEvent
SetErrorMode
SetConsoleCtrlHandler
ResumeThread
QueryFullProcessImageNameA
ProcessIdToSessionId
PostQueuedCompletionStatus
OpenProcess
LoadLibraryA
LoadLibraryW
SetThreadContext
GetThreadContext
GetSystemInfo
GetSystemDirectoryA
GetStdHandle
GetQueuedCompletionStatusEx
GetProcessAffinityMask
GetProcAddress
GetEnvironmentStringsW
GetConsoleMode
FreeEnvironmentStringsW
ExitProcess
DuplicateHandle
CreateThread
CreateIoCompletionPort
CreateEventA
CloseHandle
AddVectoredExceptionHandler

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 257KB - Virtual size: 483KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.symtab
Size: 512B - Virtual size: 4B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

93a138801d9601e4c36e6274c8b9d111

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 2.4MB - Virtual size: 2.4MB

.rdata Size: 2.0MB - Virtual size: 2.0MB

.data Size: 257KB - Virtual size: 483KB

.idata Size: 1KB - Virtual size: 1KB

.reloc Size: 90KB - Virtual size: 89KB

.symtab Size: 512B - Virtual size: 4B

.text
Size: 2.4MB - Virtual size: 2.4MB

.rdata
Size: 2.0MB - Virtual size: 2.0MB

.data
Size: 257KB - Virtual size: 483KB

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 90KB - Virtual size: 89KB

.symtab
Size: 512B - Virtual size: 4B