General

  • Target

    a00e64fb477f056d15dcbceb861f8439.bin

  • Size

    1.7MB

  • Sample

    230605-pcckrage44

  • MD5

    91e3c005e0152bcfbc4c494b876af342

  • SHA1

    0b470b1b72443b5f2b266331d1adbe337b77f875

  • SHA256

    ba9b0894621501b03c0d8f8dec4dabc051ce910b1b3e2af7f749e07c81963cae

  • SHA512

    4b48b8266b7305f197a66a2ff9bfef8259f7478ec7af29b0fa0aa084c821f48d11d80127d7e95174d9389632963de0069e130ee1874819a91d9dc9546083991c

  • SSDEEP

    49152:9C9btxIq+BqNmIB+QjEc4dzdr6a2NGvweGQroY8:IBxIqzmA+oEfdzdr6ZG3GAt8

Malware Config

Extracted

Family

laplas

C2

http://45.159.189.105

Attributes
  • api_key

    0be23a6bec914a7d28f1aae995f036fdba93224093ddb48d02fe43e814862f4e

Targets

    • Target

      83a7f9488aa65bdf7d74aac8ce9ce3468725a40a26bc2c560758473403f99616.exe

    • Size

      1.8MB

    • MD5

      a00e64fb477f056d15dcbceb861f8439

    • SHA1

      cc43e797973ac8dccec3f28c7090942804f5a271

    • SHA256

      83a7f9488aa65bdf7d74aac8ce9ce3468725a40a26bc2c560758473403f99616

    • SHA512

      588f594c915df09aaad467a31648852f5279afef0706243560266dc3adc591d18860f052bb557a3da62c6b425dde68d45162f161da75b30ba6fdfcabc7d0c2fb

    • SSDEEP

      49152:aTDjb1Kvdt+v7Bg98vR7NWvT+V6G/XW/yjhw4:aTPbsFtJ857NWL+8G/8yFh

    • Laplas Clipper

      Laplas is a crypto wallet stealer with three variants written in Golang, C#, and C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks