Analysis

  • max time kernel
    1s
  • max time network
    2s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64, arch:x86, image:win7-20230712-en, locale:en-us, os:windows7-x64, system
  • submitted
    23-07-2023 17:21

General

  • Target

    68732e21f497396296e93fb7277add61.bin.exe

  • Size

    1.8MB

  • MD5

    68732e21f497396296e93fb7277add61

  • SHA1

    1fdec6fc0ab4647491cb163a732d985bf6e75f16

  • SHA256

    4a1f597ed9fb89832e1182a9209d9a65453432e7a445e37c99cafd32963e429e

  • SHA512

    b3b2deb42b8c1362642ac725f24a3fc59eade40da1bf5e9f2a66e634ab8f7e3ad75a3eee65003be6532b808ad299ec293a9ceae024217a5de68aa41b61134305

  • SSDEEP

    49152:ZxP1ZMKdnhkmr5VlkA/azDEPKkb89KTYkr3T6:H1v9ViA/wkg9KTZ3T

Score
10/10

Malware Config

Extracted

Family

laplas

C2

http://clipper.guru

Attributes
  • api_key

    0be23a6bec914a7d28f1aae995f036fdba93224093ddb48d02fe43e814862f4e

Signatures

  • Laplas Clipper

    Laplas is a crypto wallet stealer with three variants written in Golang, C#, and C++.

Processes

  • C:\Users\Admin\AppData\Local\Temp\68732e21f497396296e93fb7277add61.bin.exe
    "C:\Users\Admin\AppData\Local\Temp\68732e21f497396296e93fb7277add61.bin.exe"
    1⤵
      PID:1368

    Network

    MITRE ATT&CK Matrix

    Downloads

    • memory/1368-53-0x0000000003FA0000-0x000000000414A000-memory.dmp

      Filesize

      1.7MB

    • memory/1368-54-0x0000000003FA0000-0x000000000414A000-memory.dmp

      Filesize

      1.7MB

    • memory/1368-55-0x0000000004150000-0x0000000004520000-memory.dmp

      Filesize

      3.8MB

    • memory/1368-56-0x0000000000400000-0x0000000002606000-memory.dmp

      Filesize

      34.0MB