General

  • Target

    f7ccda7893511a5237ad794483a8eb9761e982fb681cad2b20454f87eb8cdfd5

  • Size

    264KB

  • Sample

    230311-v3eexsce2w

  • MD5

    b55dd61e8c3d831bafeb81bf7d39a936

  • SHA1

    dd32cc7e7397b80ad726e9cf9871b5b76cb97e66

  • SHA256

    f7ccda7893511a5237ad794483a8eb9761e982fb681cad2b20454f87eb8cdfd5

  • SHA512

    bbe711824c99bc573cb8790349691e71d13901578968e479d19581dbc9710bf5f73393124de19eb8af177b068c2792166d57d2822ce394bb9eae8d0e0c8acb4d

  • SSDEEP

    6144:Yq+wvPcoWyNBN0qhL0mY/0QEAkGpkzPm6+:hXvxlXNJhL0tsQfpU4

Malware Config

Extracted

Family

laplas

C2

http://45.159.189.105

Attributes
  • api_key

    9ee0ef01cd0f0468c997745b63f39799e510412a4bb4e6ff8efcf6f8ac926172

Targets

    • Laplas Clipper

      Laplas is a crypto wallet stealer with three variants written in Golang, C#, and C++.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Adds Run key to start application
