laplas | d398d687d76426465501c32c830c6c3298d471bab4223bc6f9ac7d4b30ae558b | Triage

Sharing

General

Target

soft.exe
Size

4.2MB
Sample

230802-c3npgsdd5w
MD5

da89628d89735a5320da0513608b2fd4
SHA1

44b8b35ff51a2e1c7a67c03b243ca467b21b3bb4
SHA256

d398d687d76426465501c32c830c6c3298d471bab4223bc6f9ac7d4b30ae558b
SHA512

9dbe9849c77262227a5a75348a164e6246a8d52a2e65907ef9681687d119a59b40dfd6f8f5b8fcf0f77509a11a7fb8f54b6990814c1958a5e28607e6c896540a
SSDEEP

98304:JQCHegVO9xselnvc9DzG7xxBFKyfmtKNP0R2h7b2:JjHhIxjvc9cxrKHtyc4b2

Score

10^/10

laplas clipper persistence stealer

Malware Config

Extracted

Family

laplas

C2

http://45.159.189.33

Attributes

api_key
d1a05de376c0be1daa56dfb2715c8a0c5df8a111b8b31decc886df1e48db7c9c

Targets

- Target
  
  soft.exe
- Size
  
  4.2MB
- MD5
  
  da89628d89735a5320da0513608b2fd4
- SHA1
  
  44b8b35ff51a2e1c7a67c03b243ca467b21b3bb4
- SHA256
  
  d398d687d76426465501c32c830c6c3298d471bab4223bc6f9ac7d4b30ae558b
- SHA512
  
  9dbe9849c77262227a5a75348a164e6246a8d52a2e65907ef9681687d119a59b40dfd6f8f5b8fcf0f77509a11a7fb8f54b6990814c1958a5e28607e6c896540a
- SSDEEP
  
  98304:JQCHegVO9xselnvc9DzG7xxBFKyfmtKNP0R2h7b2:JjHhIxjvc9cxrKHtyc4b2
Score

10^/10

laplas clipper persistence stealer
- Laplas Clipper
  Laplas is a crypto wallet stealer with three variants written in Golang, C#, and C++.
  stealer clipper laplas
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

laplasclipperpersistencestealer

behavioral2

laplasclipperpersistencestealer