General
-
Target
setup.exe
-
Size
1.9MB
-
Sample
230321-cneg9sgd98
-
MD5
7e1ee04719bea1b532ed44609632ccd9
-
SHA1
f6ad1ded616f8877cb34f873b3597aa6df50e957
-
SHA256
b46481ba0ba92b4cf9306181a82bff5cd1f1213fd23fb73c01a5b46435c7bebc
-
SHA512
0bbb7c9e68f27d05476a301ec95b0a3ee7ab46ab3e912adcb14bbe44015b07ef1668e076518076abf79c6b366a1d59f057553411383a263ab539786853bc2819
-
SSDEEP
24576:prRWZ35JhqWpgXEC9CsacGA2XqHO4fOD22eAbFKhvb12pG5UojUsw1EyYMoPBETh:prsvJhS7Rj26H/fOyj1qG5UojUslMoJ
Malware Config
Extracted
laplas
http://45.87.154.105
-
api_key
1c630872d348a77d04368d542fde4663bc2bcb96f1b909554db3472c08df2767
Targets
-
-
Target
setup.exe
-
Size
1.9MB
-
MD5
7e1ee04719bea1b532ed44609632ccd9
-
SHA1
f6ad1ded616f8877cb34f873b3597aa6df50e957
-
SHA256
b46481ba0ba92b4cf9306181a82bff5cd1f1213fd23fb73c01a5b46435c7bebc
-
SHA512
0bbb7c9e68f27d05476a301ec95b0a3ee7ab46ab3e912adcb14bbe44015b07ef1668e076518076abf79c6b366a1d59f057553411383a263ab539786853bc2819
-
SSDEEP
24576:prRWZ35JhqWpgXEC9CsacGA2XqHO4fOD22eAbFKhvb12pG5UojUsw1EyYMoPBETh:prsvJhS7Rj26H/fOyj1qG5UojUslMoJ
Score10/10-
Laplas Clipper
Laplas is a crypto wallet stealer with three variants written in Golang, C#, and C++.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-