General

  • Target

    eb7affaaa61c0fa04ab3c31c9e7307116d5cf796aa810102605e7b09f27ffd88

  • Size

    1.9MB

  • Sample

    230319-hs15qahd5x

  • MD5

    a24cfabc78273aa5d5d997e780400416

  • SHA1

    2c8561e6d643225e0ad5e60abdc9516cc499a0c0

  • SHA256

    eb7affaaa61c0fa04ab3c31c9e7307116d5cf796aa810102605e7b09f27ffd88

  • SHA512

    c384c069f8f93222174446162685673e346d8e3804b68fe828b2dc68ae8e8378da18e535e24f0d0f47ea04b8ead0c8e714abb33a3d7a31a697ce5d70532d0ea0

  • SSDEEP

    24576:YhmN/VqDyuURACBQiulRKvXgkllDFuJvimr57RpWwE+yJHXtVplrRSRJKD0pwNN9:YBybR/QKvHoimr9R9IXtVbqKHegv

Malware Config

Extracted

  • Family

    laplas

  • C2

    http://45.87.154.105

  • Attributes

    • api_key

      1c630872d348a77d04368d542fde4663bc2bcb96f1b909554db3472c08df2767

Targets

    • Laplas Clipper

      Laplas is a crypto wallet stealer with three variants written in Golang, C#, and C++.

    • Executes dropped EXE

    • Adds Run key to start application
