laplas | ab7c26523fc6c5f0846bf3efcf6a3892228d2967f1aeec2aafdbc930df3324f5 | Triage

Sharing

General

Target

ab7c26523fc6c5f0846bf3efcf6a3892228d2967f1aeec2aafdbc930df3324f5
Size

1.8MB
Sample

230421-2a1k1scc61
MD5

e7a1267534cc685588fe6ead28a436b5
SHA1

e256f6ab88edfcea75c394eafb926cef10e164eb
SHA256

ab7c26523fc6c5f0846bf3efcf6a3892228d2967f1aeec2aafdbc930df3324f5
SHA512

0a2e73b6bbbe36f34ccbafd9f6931fb5da6a999328f202392219ad9b65d24e14ad4e099e1bcd3c603ae8a4e823329501d48a701b9e806127d702d994b87b3394
SSDEEP

49152:nEh6a45gGCbsefwiFdgmT1mAK1Bq/dCjz:neC5LgsefwiVpFUuEf

Score

10^/10

laplas clipper persistence stealer

Malware Config

Extracted

Family

laplas

C2

http://45.159.189.105

Attributes

api_key
0be23a6bec914a7d28f1aae995f036fdba93224093ddb48d02fe43e814862f4e

Extracted

Family

laplas

C2

http://45.159.189.105

Attributes

api_key
0be23a6bec914a7d28f1aae995f036fdba93224093ddb48d02fe43e814862f4e

Targets

- Target
  
  ab7c26523fc6c5f0846bf3efcf6a3892228d2967f1aeec2aafdbc930df3324f5
- Size
  
  1.8MB
- MD5
  
  e7a1267534cc685588fe6ead28a436b5
- SHA1
  
  e256f6ab88edfcea75c394eafb926cef10e164eb
- SHA256
  
  ab7c26523fc6c5f0846bf3efcf6a3892228d2967f1aeec2aafdbc930df3324f5
- SHA512
  
  0a2e73b6bbbe36f34ccbafd9f6931fb5da6a999328f202392219ad9b65d24e14ad4e099e1bcd3c603ae8a4e823329501d48a701b9e806127d702d994b87b3394
- SSDEEP
  
  49152:nEh6a45gGCbsefwiFdgmT1mAK1Bq/dCjz:neC5LgsefwiVpFUuEf
Score

10^/10

laplas clipper persistence stealer
- Laplas Clipper
  Laplas is a crypto wallet stealer with three variants written in Golang, C#, and C++.
  stealer clipper laplas
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

laplasclipperpersistencestealer

behavioral2

laplasclipperpersistencestealer