General

  • Target

    747e415b2fdfc4def2b6d1b014605ad740c7a1c25743f25706391bdc54845d00

  • Size

    269KB

  • Sample

    230311-keafysha35

  • MD5

    2ec6b6e536979c66b851f54e55d936cf

  • SHA1

    dc66788321acf7e368b40f07281d5f7ea77fbc13

  • SHA256

    747e415b2fdfc4def2b6d1b014605ad740c7a1c25743f25706391bdc54845d00

  • SHA512

    fc299b1558a01dca518deeb0ab88d06b7d98d487699d3e47ee19b085a066fc28faa9febecf0162b46d9d0cb74c147ab672869e7bcf33482d63ddd785fa20b5da

  • SSDEEP

    6144:KFnpIOJ5avLVgQdUcwx/XDpXtLl9xejvE/5Jz9:EpIOOzVH/YDZb94jvE/V

Malware Config

Extracted

Family

laplas

C2

http://45.159.189.105

Attributes
  • api_key

    9ee0ef01cd0f0468c997745b63f39799e510412a4bb4e6ff8efcf6f8ac926172

Targets

    • Laplas Clipper

      Laplas is a crypto wallet stealer with three variants written in Golang, C#, and C++.

    • Executes dropped EXE

    • Adds Run key to start application
