General

  • Target

    77.exe

  • Size

    1.9MB

  • Sample

    230630-n8p1aaag9w

  • MD5

    b109489b8bb8ca8d3c5381dd2969ddaf

  • SHA1

    d9579ddc7520d109cb04eb79e47effafb842134a

  • SHA256

    379b9ee5c7de68fe8174c3f6668b2629ef40df26dfbb472deee14dbb79cc8fa9

  • SHA512

    f967b83e22831b814f8ac92c5438af1c47b34321feda3b779ab65e70d8e8192ece86e4482d870b6fb37734fa689f10652ff57ab71388988f71a15290772557ac

  • SSDEEP

    49152:fcntI+Q5GuoQZyk0FXjlCt7JDjWPmMCr0fjYmzEm8SOD:0nT3TFAttXZMCr5muD

Malware Config

Extracted

Family

laplas

C2

http://45.159.189.105

Attributes
  • api_key

    0be23a6bec914a7d28f1aae995f036fdba93224093ddb48d02fe43e814862f4e

Extracted

Family

laplas

C2

http://45.159.189.105

Attributes
  • api_key

    0be23a6bec914a7d28f1aae995f036fdba93224093ddb48d02fe43e814862f4e

Targets

    • Target

      77.exe

    • Size

      1.9MB

    • MD5

      b109489b8bb8ca8d3c5381dd2969ddaf

    • SHA1

      d9579ddc7520d109cb04eb79e47effafb842134a

    • SHA256

      379b9ee5c7de68fe8174c3f6668b2629ef40df26dfbb472deee14dbb79cc8fa9

    • SHA512

      f967b83e22831b814f8ac92c5438af1c47b34321feda3b779ab65e70d8e8192ece86e4482d870b6fb37734fa689f10652ff57ab71388988f71a15290772557ac

    • SSDEEP

      49152:fcntI+Q5GuoQZyk0FXjlCt7JDjWPmMCr0fjYmzEm8SOD:0nT3TFAttXZMCr5muD

    • Laplas Clipper

      Laplas is a crypto wallet stealer with three variants written in Golang, C#, and C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks