General

  • Target

    464d119bd786eccaf0894ab146105b8adc8a345f1e72a775ec1cdf38631eba1a

  • Size

    245KB

  • Sample

    230316-y54pdacg24

  • MD5

    dea57f6d76b48d0b3a2e099dbf34b739

  • SHA1

    ec2c8e74bb6b32c81ec04ac57ce29ee8ae4546ec

  • SHA256

    464d119bd786eccaf0894ab146105b8adc8a345f1e72a775ec1cdf38631eba1a

  • SHA512

    c8827672a885fb6adead40d7f1e3f06bebca30a5164e31cbc6364dcf3774ffb3d160be402e31606e0065c36d22ac4db8b26de7c3bad8ae3b44fa151c7b9e552b

  • SSDEEP

    3072:uF+WJvUs8XLoqB9RHZEaxNn8mg20Lizvac4Hd45cT/XZKwl8eM1rCgH/6cXFlTXo:uvJvNCosHWwlpk2jac4HdtKwlWlHXFp

Malware Config

Extracted

Family

laplas

C2

http://45.159.189.105

Attributes
  • api_key

    9ee0ef01cd0f0468c997745b63f39799e510412a4bb4e6ff8efcf6f8ac926172

Targets

    • Laplas Clipper

      Laplas is a crypto wallet stealer with three variants written in Golang, C#, and C++.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Adds Run key to start application
