General

  • Target

    a00e64fb477f056d15dcbceb861f8439.bin.exe

  • Size

    1.8MB

  • Sample

    230601-xx766aga32

  • MD5

    a00e64fb477f056d15dcbceb861f8439

  • SHA1

    cc43e797973ac8dccec3f28c7090942804f5a271

  • SHA256

    83a7f9488aa65bdf7d74aac8ce9ce3468725a40a26bc2c560758473403f99616

  • SHA512

    588f594c915df09aaad467a31648852f5279afef0706243560266dc3adc591d18860f052bb557a3da62c6b425dde68d45162f161da75b30ba6fdfcabc7d0c2fb

  • SSDEEP

    49152:aTDjb1Kvdt+v7Bg98vR7NWvT+V6G/XW/yjhw4:aTPbsFtJ857NWL+8G/8yFh

Malware Config

Extracted

Family

laplas

C2

http://45.159.189.105

Attributes
  • api_key

    0be23a6bec914a7d28f1aae995f036fdba93224093ddb48d02fe43e814862f4e

Targets

    • Target

      a00e64fb477f056d15dcbceb861f8439.bin.exe

    • Laplas Clipper

      Laplas is a crypto wallet stealer with three variants written in Golang, C#, and C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
