laplas | 84930AF371FDB9524458195F74A8783FEAD22E6270F6B[.]exe

General

Target

84930AF371FDB9524458195F74A8783FEAD22E6270F6B.exe
Size

4.8MB
MD5

c08f37bfa893390e0c8d4e191cb72962
SHA1

ba7af5e1fd88d0029e7af1e1eca6db5226929347
SHA256

84930af371fdb9524458195f74a8783fead22e6270f6bd2285fd098ba33c0b5e
SHA512

818d7b989da653addae004f58134ac92ec5aec0389e802cc2f48201102f384cd9ecf1b15d045e8797acba5cd01680ccaa2e30639646bb4f5cc305e64a3ef0cf5
SSDEEP

49152:sAMKCiGxtRJHu5VFmJgBaShRgpVMYh4fFvHT580IEqYjla27ZdS5g+A:LMAGxtIVFmJgXOl4dvyEdZr+A

Score

10^/10

laplas

Malware Config

Extracted

Family

laplas

C2

clipper.guru

Attributes

api_key
f21073add21558dbf805f2d7f01a9192d88f14e6896a394396e1cd41f3a1c26b

Signatures

Laplas family
laplas

Files

84930AF371FDB9524458195F74A8783FEAD22E6270F6B.exe
.exe windows x64

93a138801d9601e4c36e6274c8b9d111

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

WriteFile
WriteConsoleW
WaitForMultipleObjects
WaitForSingleObject
VirtualQuery
VirtualFree
VirtualAlloc
SwitchToThread
SuspendThread
SetWaitableTimer
SetUnhandledExceptionFilter
SetProcessPriorityBoost
SetEvent
SetErrorMode
SetConsoleCtrlHandler
ResumeThread
QueryFullProcessImageNameA
ProcessIdToSessionId
PostQueuedCompletionStatus
OpenProcess
LoadLibraryA
LoadLibraryW
SetThreadContext
GetThreadContext
GetSystemInfo
GetSystemDirectoryA
GetStdHandle
GetQueuedCompletionStatusEx
GetProcessAffinityMask
GetProcAddress
GetEnvironmentStringsW
GetConsoleMode
FreeEnvironmentStringsW
ExitProcess
DuplicateHandle
CreateThread
CreateIoCompletionPort
CreateEventA
CloseHandle
AddVectoredExceptionHandler

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 257KB - Virtual size: 483KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.symtab
Size: 512B - Virtual size: 4B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

93a138801d9601e4c36e6274c8b9d111

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 2.4MB - Virtual size: 2.4MB

.rdata Size: 2.0MB - Virtual size: 2.0MB

.data Size: 257KB - Virtual size: 483KB

.idata Size: 1KB - Virtual size: 1KB

.reloc Size: 90KB - Virtual size: 89KB

.symtab Size: 512B - Virtual size: 4B

.text
Size: 2.4MB - Virtual size: 2.4MB

.rdata
Size: 2.0MB - Virtual size: 2.0MB

.data
Size: 257KB - Virtual size: 483KB

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 90KB - Virtual size: 89KB

.symtab
Size: 512B - Virtual size: 4B