General

  • Target

    e5bc55ce98909742d2f1353b3bc8749ecc71206a5b8fa2e656d2a3ae186c1e63

  • Size

    557KB

  • Sample

    230621-jnxr6sgb44

  • MD5

    b76188bafa717975768bd24d09ffeb09

  • SHA1

    f623849274e0303a33a20f28d5b972869b89f947

  • SHA256

    e5bc55ce98909742d2f1353b3bc8749ecc71206a5b8fa2e656d2a3ae186c1e63

  • SHA512

    859f1fd0877779779059fad437d8ddf5b0bd7e0f4fb724dfe1cc9bee069f2cc8339e7bfdb94fa5d0e65d0fbfb72a9cbe18c578cb249c7a12cbbda59282ab5b43

  • SSDEEP

    12288:p/XPduH5pchAXVcDy2sol2Eq3Upx5wFoSTJrT:pNu0hw0y2xOU4T

Score
10/10

Malware Config

Extracted

Family

laplas

C2

clipper.guru

Attributes
  • api_key

    afc950a4a18fd71c9d7be4c460e4cb77d0bcf29a49d097e4e739c17c332c3a34

Targets

    • Target

      e5bc55ce98909742d2f1353b3bc8749ecc71206a5b8fa2e656d2a3ae186c1e63

    • Size

      557KB

    • MD5

      b76188bafa717975768bd24d09ffeb09

    • SHA1

      f623849274e0303a33a20f28d5b972869b89f947

    • SHA256

      e5bc55ce98909742d2f1353b3bc8749ecc71206a5b8fa2e656d2a3ae186c1e63

    • SHA512

      859f1fd0877779779059fad437d8ddf5b0bd7e0f4fb724dfe1cc9bee069f2cc8339e7bfdb94fa5d0e65d0fbfb72a9cbe18c578cb249c7a12cbbda59282ab5b43

    • SSDEEP

      12288:p/XPduH5pchAXVcDy2sol2Eq3Upx5wFoSTJrT:pNu0hw0y2xOU4T

    Score
    10/10
    • Laplas Clipper

      Laplas is a crypto wallet stealer with three variants written in Golang, C#, and C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks