General

  • Target

    file.exe

  • Size

    1.9MB

  • Sample

    230320-q1tplsfg4y

  • MD5

    8c59b0c004d6d108c494ed8e96f573bb

  • SHA1

    62856aa334190053f0e3b41f7f379a77aaf1cdb1

  • SHA256

    2297b0cced9fde691e8f430d0198f76227b3e617658a6119753d942f9677f589

  • SHA512

    2c966dde8aa92dec51080a02a38c8ed207cd51fc8196bd6a92e3eff316bb6370c90900f3b6c0d5d06e93f34ef925c509cb2c11f3d16a0cd3dc8984f853f85a6d

  • SSDEEP

    49152:mG1dhlVkEIUaOM8Tb9E4V4GwayVg53tW0S6ndKE:mG/hkPUaX8/64x0g5jS24

Malware Config

Extracted

Family

laplas

C2

http://45.159.189.105

Attributes
  • api_key

    9ee0ef01cd0f0468c997745b63f39799e510412a4bb4e6ff8efcf6f8ac926172

Targets

    • Laplas Clipper

      Laplas is a crypto wallet stealer with three variants written in Golang, C#, and C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
