laplas | f610f0b058b6dcd9afb90f2861251606dca490db7001d66e252bb704fcc551c7 | Triage

Sharing

General

Target

f610f0b058b6dcd9afb90f2861251606dca490db7001d66e252bb704fcc551c7
Size

245KB
Sample

230316-zyzbrach25
MD5

12358cc9592b4794a0fd578a9c27af31
SHA1

050e5d65a1460c0363e8316d5b75b4e13374d7a1
SHA256

f610f0b058b6dcd9afb90f2861251606dca490db7001d66e252bb704fcc551c7
SHA512

9c224eefb097be200f3b80480a534983e8b3d12ef6755f0dcdd38044267c3248459c3b2afd39c8b8f8bf8ab5c38c8deb70ef5231344c64b8132aeb9fcdde4c8b
SSDEEP

3072:7gQUwYcJ+quJ/2esNiLuywkXbnExkk67BcgiLdgiy//2TZ0iNGmemsjE6yhfhVAZ:chwl2cgv9L0pMcJmtulvmmmOhoJ

Score

10^/10

laplas clipper persistence stealer

Malware Config

Extracted

Family

laplas

C2

http://45.159.189.105

Attributes

api_key
9ee0ef01cd0f0468c997745b63f39799e510412a4bb4e6ff8efcf6f8ac926172

Targets

- Target
  
  f610f0b058b6dcd9afb90f2861251606dca490db7001d66e252bb704fcc551c7
- Size
  
  245KB
- MD5
  
  12358cc9592b4794a0fd578a9c27af31
- SHA1
  
  050e5d65a1460c0363e8316d5b75b4e13374d7a1
- SHA256
  
  f610f0b058b6dcd9afb90f2861251606dca490db7001d66e252bb704fcc551c7
- SHA512
  
  9c224eefb097be200f3b80480a534983e8b3d12ef6755f0dcdd38044267c3248459c3b2afd39c8b8f8bf8ab5c38c8deb70ef5231344c64b8132aeb9fcdde4c8b
- SSDEEP
  
  3072:7gQUwYcJ+quJ/2esNiLuywkXbnExkk67BcgiLdgiy//2TZ0iNGmemsjE6yhfhVAZ:chwl2cgv9L0pMcJmtulvmmmOhoJ
Score

10^/10

laplas clipper persistence stealer
- Laplas Clipper
  Laplas is a crypto wallet stealer with three variants written in Golang, C#, and C++.
  stealer clipper laplas
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

laplasclipperpersistencestealer