laplas | 2a2d70f14af2ce945784d82bfaf7e21f80c402000d0621b4326091db57d54b5b | Triage

Sharing

General

Target

tmp
Size

1.9MB
Sample

230315-z3n2kshe7t
MD5

73b0606c4cacaaa568898cfe05d5565c
SHA1

6d955a0bdbcd0c8590e6071ecc44e6fdb23d5366
SHA256

2a2d70f14af2ce945784d82bfaf7e21f80c402000d0621b4326091db57d54b5b
SHA512

578de0735122c49002ad756fd6b770c1ff31da519216db9ff06c9ffe208011f11f5d03e6c90daa964f98fb233747362b09855807126a736e55af157a6557136e
SSDEEP

49152:gm98KqvSuA4rQvQL+LPEnB2YTFyfExXo52HrOEW:gm9PqvSVvJLEnB2W1x4wiE

Score

10^/10

laplas clipper persistence stealer

Malware Config

Extracted

Family

laplas

C2

http://45.87.154.105

Attributes

api_key
1c630872d348a77d04368d542fde4663bc2bcb96f1b909554db3472c08df2767

Targets

- Target
  
  tmp
- Size
  
  1.9MB
- MD5
  
  73b0606c4cacaaa568898cfe05d5565c
- SHA1
  
  6d955a0bdbcd0c8590e6071ecc44e6fdb23d5366
- SHA256
  
  2a2d70f14af2ce945784d82bfaf7e21f80c402000d0621b4326091db57d54b5b
- SHA512
  
  578de0735122c49002ad756fd6b770c1ff31da519216db9ff06c9ffe208011f11f5d03e6c90daa964f98fb233747362b09855807126a736e55af157a6557136e
- SSDEEP
  
  49152:gm98KqvSuA4rQvQL+LPEnB2YTFyfExXo52HrOEW:gm9PqvSVvJLEnB2W1x4wiE
Score

10^/10

laplas clipper persistence stealer
- Laplas Clipper
  Laplas is a crypto wallet stealer with three variants written in Golang, C#, and C++.
  stealer clipper laplas
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

laplasclipperpersistencestealer

behavioral2

laplasclipperpersistencestealer