General
Target: 465af88feb490f93acea92ec180b916d03bb788956c078bfee031cc08f2c41c8
Size: 255KB
Sample: 230312-m33thsff7s
MD5: 20c262348a0700400d14ea53936509d8
SHA1: e26adbee5171256c6b21aec785ba694c53587cfe
SHA256: 465af88feb490f93acea92ec180b916d03bb788956c078bfee031cc08f2c41c8
SHA512: 3c2f2141bf9d2b7db0f6b1dffd0912c7fadb11785ba055221f0359254f471ae335b40ac887b4e8aff709910c9fdd1679df9bed2367a6e9247eb9c9cc26f1c7fe
SSDEEP: 3072:7RrqxlaiY9Ceax5L7FUt03BKzX2AK4OfG2sTBg0vW0F9oFa74umGcX0N59/hr2X1:FqXaiY9gFUt03BWiG2QBui+FaHNHhya
Static task: static1
Behavioral task: behavioral1
Sample: 465af88feb490f93acea92ec180b916d03bb788956c078bfee031cc08f2c41c8.exe
Resource: win10v2004-20230221-en
Malware Config
Extracted
laplas
http://45.159.189.105
api_key: 9ee0ef01cd0f0468c997745b63f39799e510412a4bb4e6ff8efcf6f8ac926172
Targets
Target: 465af88feb490f93acea92ec180b916d03bb788956c078bfee031cc08f2c41c8
Score: 10/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Adds Run key to start application