laplas | hxxps://telegra[.]ph/MultiHack-Launcher-05-19 | Triage

Submit
Reports

Overview

overview

Static

static

1

URLScan

urlscan

1

https://telegra.ph/M...

windows10-1703-x64

Sharing

General

Target

https://telegra.ph/MultiHack-Launcher-05-19
Sample

230612-payp7sca95

Score

10^/10

laplas lobshot redline @hesoyamnew backdoor clipper discovery infostealer persistence spyware stealer

Static task

static1

URLScan task

urlscan1

Behavioral task

behavioral1

Sample

https://telegra.ph/MultiHack-Launcher-05-19

Resource

win10-20230220-en

laplas lobshot redline @hesoyamnew backdoor clipper discovery infostealer persistence spyware stealer

windows10-1703-x64

22 signatures

300 seconds

Malware Config

Extracted

Family

redline

Botnet

@hesoyamnew

C2

94.142.138.4:80

Attributes

auth_value
d0a2897a24ba814f01b36a0b2873bdd1

Extracted

Family

laplas

C2

http://185.223.93.251

Attributes

api_key
f0cd0c3938331a84425c6e784f577ccd87bb667cfdb44cc24f97f402ac5e15b7

Targets

- Target
  
  https://telegra.ph/MultiHack-Launcher-05-19
Score

10^/10

laplas lobshot redline @hesoyamnew backdoor clipper discovery infostealer persistence spyware stealer
- Detects Lobshot family
- Laplas Clipper
  Laplas is a crypto wallet stealer with three variants written in Golang, C#, and C++.
  stealer clipper laplas
- Lobshot
  Lobshot is a backdoor module written in c++.
  backdoor lobshot
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Downloads MZ/PE file
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

urlscan1

behavioral1

laplaslobshotredline@hesoyamnewbackdoorclipperdiscoveryinfostealerpersistencespywarestealer

© 2018-2025

Terms | Privacy