laplas | 7828a366a1adf74c032e42dd3b8fe4d1501352c23d5969d71ade3bb7d05b07ef | Triage

Sharing

General

Target

7828a366a1adf74c032e42dd3b8fe4d1501352c23d5969d71ade3bb7d05b07ef
Size

1.8MB
Sample

230314-kejdvsed47
MD5

a8df01231187fbbfdfe8cb0aead099a9
SHA1

12113432be459f903a1845612e470d2bab19ef66
SHA256

7828a366a1adf74c032e42dd3b8fe4d1501352c23d5969d71ade3bb7d05b07ef
SHA512

68e4ec8ad240e897a22c8e7b1a77f97642ac1dff4022886dea179bebf30ce0a2d4f75cf6042dd53943bbf6887bf1a426f8ef9fbe4cd4abc7b013738761fb4006
SSDEEP

49152:cVqN9DZfvBw06+PXOSpSTItfzhkrTWzxG4:+Ep9mSwTINzQTWzo4

Score

10^/10

laplas clipper persistence stealer

Malware Config

Extracted

Family

laplas

C2

http://45.159.189.105

Attributes

api_key
9ee0ef01cd0f0468c997745b63f39799e510412a4bb4e6ff8efcf6f8ac926172

Targets

- Target
  
  7828a366a1adf74c032e42dd3b8fe4d1501352c23d5969d71ade3bb7d05b07ef
- Size
  
  1.8MB
- MD5
  
  a8df01231187fbbfdfe8cb0aead099a9
- SHA1
  
  12113432be459f903a1845612e470d2bab19ef66
- SHA256
  
  7828a366a1adf74c032e42dd3b8fe4d1501352c23d5969d71ade3bb7d05b07ef
- SHA512
  
  68e4ec8ad240e897a22c8e7b1a77f97642ac1dff4022886dea179bebf30ce0a2d4f75cf6042dd53943bbf6887bf1a426f8ef9fbe4cd4abc7b013738761fb4006
- SSDEEP
  
  49152:cVqN9DZfvBw06+PXOSpSTItfzhkrTWzxG4:+Ep9mSwTINzQTWzo4
Score

10^/10

laplas clipper persistence stealer
- Laplas Clipper
  Laplas is a crypto wallet stealer with three variants written in Golang, C#, and C++.
  stealer clipper laplas
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

laplasclipperpersistencestealer