General

  • Target

    5f0b4bc4ef82e8d3178167ef18f1bbbfb3a7d94929d7262cc6ca77592f3293c0

  • Size

    246KB

  • Sample

    230316-qshmdaba35

  • MD5

    95d60d52c0f8e2c87d1f495f426f4e20

  • SHA1

    daa905959994df54356b8d010df02b2cdcf88cfe

  • SHA256

    5f0b4bc4ef82e8d3178167ef18f1bbbfb3a7d94929d7262cc6ca77592f3293c0

  • SHA512

    eaa3956a4a60acf551673b2a2fb16105dd34d8caa17d8d87918e6f1013673fcb8241e4147ad4ce535b03bcadae8b4fc682cb8b6e48619a59dc27cfd506b7be7e

  • SSDEEP

    6144:pQwkcWSfzNAFKtUG4BNCLcZzgiestN9oI:pQwfQ0yG4T6K8dst

Malware Config

Extracted

Family

laplas

C2

http://45.159.189.105

Attributes
  • api_key

    9ee0ef01cd0f0468c997745b63f39799e510412a4bb4e6ff8efcf6f8ac926172

Targets

    • Target

      5f0b4bc4ef82e8d3178167ef18f1bbbfb3a7d94929d7262cc6ca77592f3293c0

    • Laplas Clipper

      Laplas is a crypto wallet stealer with three variants written in Golang, C#, and C++.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Adds Run key to start application
