General

  • Target

    4a1f597ed9fb89832e1182a9209d9a65453432e7a445e37c99cafd32963e429e_JC.exe

  • Size

    1.8MB

  • Sample

    230724-pvmtfadb94

  • MD5

    68732e21f497396296e93fb7277add61

  • SHA1

    1fdec6fc0ab4647491cb163a732d985bf6e75f16

  • SHA256

    4a1f597ed9fb89832e1182a9209d9a65453432e7a445e37c99cafd32963e429e

  • SHA512

    b3b2deb42b8c1362642ac725f24a3fc59eade40da1bf5e9f2a66e634ab8f7e3ad75a3eee65003be6532b808ad299ec293a9ceae024217a5de68aa41b61134305

  • SSDEEP

    49152:ZxP1ZMKdnhkmr5VlkA/azDEPKkb89KTYkr3T6:H1v9ViA/wkg9KTZ3T

Malware Config

Extracted

Family

laplas

C2

http://clipper.guru

Attributes
  • api_key

    0be23a6bec914a7d28f1aae995f036fdba93224093ddb48d02fe43e814862f4e

Targets

    • Target

      4a1f597ed9fb89832e1182a9209d9a65453432e7a445e37c99cafd32963e429e_JC.exe

    • Size

      1.8MB

    • Laplas Clipper

      Laplas is a crypto wallet stealer with three variants written in Golang, C#, and C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
