laplas | 3505b429774620bffa85993478347e60589b048d5641404359f566931c1824c1 | Triage

Sharing

General

Target

3505b429774620bffa85993478347e60589b048d5641404359f566931c1824c1
Size

6.0MB
Sample

230323-17dbbace2y
MD5

bc65ec3faed25636ff149fcf1850855e
SHA1

468ac57e84fcd934948dab935cfa3c196f23284a
SHA256

3505b429774620bffa85993478347e60589b048d5641404359f566931c1824c1
SHA512

9f4633330c4b35ae4f28ec7d914c90531ff35f985b1dfc9a2fd718d7b6788d55be3e39b86e6ba15703a50ea0c3ede2d1345c0553c5235b7af329d155e565cfa8
SSDEEP

98304:FqSzFI+pzz3U/Yx2cpB/jn99IVaKrH8AuwWT3hRA6oO3w91d4+PfqaPtiLYEl8+T:FVi+d3U/4jzIVa48fwWTL7oO30d/3qMC

Score

10^/10

laplas clipper persistence stealer

Malware Config

Extracted

Family

laplas

C2

http://212.113.106.172

Attributes

api_key
a8f23fb9332db9a7947580ee498822bfe375b57ad7eb47370c7209509050c298

Targets

- Target
  
  3505b429774620bffa85993478347e60589b048d5641404359f566931c1824c1
- Size
  
  6.0MB
- MD5
  
  bc65ec3faed25636ff149fcf1850855e
- SHA1
  
  468ac57e84fcd934948dab935cfa3c196f23284a
- SHA256
  
  3505b429774620bffa85993478347e60589b048d5641404359f566931c1824c1
- SHA512
  
  9f4633330c4b35ae4f28ec7d914c90531ff35f985b1dfc9a2fd718d7b6788d55be3e39b86e6ba15703a50ea0c3ede2d1345c0553c5235b7af329d155e565cfa8
- SSDEEP
  
  98304:FqSzFI+pzz3U/Yx2cpB/jn99IVaKrH8AuwWT3hRA6oO3w91d4+PfqaPtiLYEl8+T:FVi+d3U/4jzIVa48fwWTL7oO30d/3qMC
Score

10^/10

laplas clipper persistence stealer
- Laplas Clipper
  Laplas is a crypto wallet stealer with three variants written in Golang, C#, and C++.
  stealer clipper laplas
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

laplasclipperpersistencestealer