laplas | d36ac039727d2f47fe176d3332520fae78574ccdf4790dd5b2f95430540fc766 | Triage

Sharing

General

Target

d36ac039727d2f47fe176d3332520fae78574ccdf4790dd5b2f95430540fc766
Size

1.9MB
Sample

230319-vkpsyabd3w
MD5

5479c2f6ef15bf5552e8d1040988ed2b
SHA1

24f660f9d767467ac3a60348741e25c4d428b70f
SHA256

d36ac039727d2f47fe176d3332520fae78574ccdf4790dd5b2f95430540fc766
SHA512

ee035a04196db93ca4d6c07cf15dcdfc8bdf367a5a00d9b14b5bd0e6ebda96a4bed1b71964c4fda0ab509f3b69ea6126c6e2aca710ca3ab74061a69c3f8f515e
SSDEEP

49152:LldUyBTZpMFSbP8fzTSwr1UZR9xpc3oaJqRC+7:LlBpW40fSJZRPpeJMT

Score

10^/10

laplas clipper persistence stealer

Malware Config

Extracted

Family

laplas

C2

http://45.87.154.105

Attributes

api_key
1c630872d348a77d04368d542fde4663bc2bcb96f1b909554db3472c08df2767

Targets

- Target
  
  d36ac039727d2f47fe176d3332520fae78574ccdf4790dd5b2f95430540fc766
- Size
  
  1.9MB
- MD5
  
  5479c2f6ef15bf5552e8d1040988ed2b
- SHA1
  
  24f660f9d767467ac3a60348741e25c4d428b70f
- SHA256
  
  d36ac039727d2f47fe176d3332520fae78574ccdf4790dd5b2f95430540fc766
- SHA512
  
  ee035a04196db93ca4d6c07cf15dcdfc8bdf367a5a00d9b14b5bd0e6ebda96a4bed1b71964c4fda0ab509f3b69ea6126c6e2aca710ca3ab74061a69c3f8f515e
- SSDEEP
  
  49152:LldUyBTZpMFSbP8fzTSwr1UZR9xpc3oaJqRC+7:LlBpW40fSJZRPpeJMT
Score

10^/10

laplas clipper persistence stealer
- Laplas Clipper
  Laplas is a crypto wallet stealer with three variants written in Golang, C#, and C++.
  stealer clipper laplas
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

laplasclipperpersistencestealer