laplas | 0567d458aa72025136b2bd591de0b75b8af324fe23f64c0ae0196bab70c232d4 | Triage

Sharing

General

Target

0567d458aa72025136b2bd591de0b75b8af324fe23f64c0ae0196bab70c232d4
Size

1.9MB
Sample

230316-f8allabe4v
MD5

9054cb4f65f2c64341c41fed3115e1f9
SHA1

8ed3e63cb8b7e85dc4d9a0763b8660c85e0de58d
SHA256

0567d458aa72025136b2bd591de0b75b8af324fe23f64c0ae0196bab70c232d4
SHA512

3ea524a3139a1e2d625282582f995c0b27d30b8b86fd33b9e76e4a6211b3037c48ccdb5ac5193822bcb996d06c7fc666399f3c4c8b3791793579fab78ef21f07
SSDEEP

49152:XvGc1/a5CQu2AOEkifzCsYMgK763xvG9e5mjlXLR:XvGuyCsRiLYL3x+8ojx

Score

10^/10

laplas clipper persistence stealer

Malware Config

Extracted

Family

laplas

C2

http://45.159.189.105

Attributes

api_key
9ee0ef01cd0f0468c997745b63f39799e510412a4bb4e6ff8efcf6f8ac926172

Targets

- Target
  
  0567d458aa72025136b2bd591de0b75b8af324fe23f64c0ae0196bab70c232d4
- Size
  
  1.9MB
- MD5
  
  9054cb4f65f2c64341c41fed3115e1f9
- SHA1
  
  8ed3e63cb8b7e85dc4d9a0763b8660c85e0de58d
- SHA256
  
  0567d458aa72025136b2bd591de0b75b8af324fe23f64c0ae0196bab70c232d4
- SHA512
  
  3ea524a3139a1e2d625282582f995c0b27d30b8b86fd33b9e76e4a6211b3037c48ccdb5ac5193822bcb996d06c7fc666399f3c4c8b3791793579fab78ef21f07
- SSDEEP
  
  49152:XvGc1/a5CQu2AOEkifzCsYMgK763xvG9e5mjlXLR:XvGuyCsRiLYL3x+8ojx
Score

10^/10

laplas clipper persistence stealer
- Laplas Clipper
  Laplas is a crypto wallet stealer with three variants written in Golang, C#, and C++.
  stealer clipper laplas
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

laplasclipperpersistencestealer