Extracted

• • Target

    svchost.exe

  • Size

    1.8MB

  • MD5

    0a935300ad790ad8d03666b1f14e73a4

  • SHA1

    57bf66e15b0cbf325ce66d4c9d5592088a1a8e00

  • SHA256

    9b96d15a412a80fb77e790070084ce815945398f9c9b103ece0ed420850ace12

  • SHA512

    64e7c5e9b0c301a2b4a87dc0189fa55bc7c8690d9148382fd237851348a977376a9772c232f6a898417e92e739add1410d3f143f93547eb99c57fa064ce78096

  • SSDEEP

    49152:HRS3ddTQVvnRdoXwG1a/MrkK9daCBCimRL6E84TB:xSk4XwG1lr0PR8iB

  Score

  10^/10

  laplasclipperpersistencestealer

  • Laplas Clipper

    Laplas is a crypto wallet stealer with three variants written in Golang, C#, and C++.

    stealerclipperlaplas

  • Executes dropped EXE

  • Loads dropped DLL

  • Adds Run key to start application

    persistence
  behavioral1behavioral2