Overview

overview

10

Static

static

3

43a466ea26...b7.exe

windows7-x64

10

43a466ea26...b7.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    9s
  • max time network
    131s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03-08-2023 14:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    43a466ea26d18d125bf8af925bb617b7.exe

  • Size

    1.9MB

  • MD5

    43a466ea26d18d125bf8af925bb617b7

  • SHA1

    a05f3fa8d1b9c7bc183948a516025503a9dda569

  • SHA256

    a3f665043305d67f64f7386a8bcd89dc5ce86a76a6b5042827af58cd8b4e10f2

  • SHA512

    d8c86539b9a115794884f3c6d6fe00beb2e75b0510b85777fc342c691986011864c04c21e0724af5874baa695168fa1e43281e782aeb06348bd572be7b4cf551

  • SSDEEP

    49152:vdndufbt9ODXz12CkNram8AciuXRyjy0EjIdfCN:vdnd6av1iam8Ac4GbU6N

Score
10/10
laplasclipperstealer

Malware Config

Extracted

Family

laplas

C2

http://clipper.guru

Attributes
  • api_key

    0be23a6bec914a7d28f1aae995f036fdba93224093ddb48d02fe43e814862f4e

Signatures

  • Laplas Clipper

    Laplas is a crypto wallet stealer with three variants written in Golang, C#, and C++.

    stealerclipperlaplas

Processes

  • C:\Users\Admin\AppData\Local\Temp\43a466ea26d18d125bf8af925bb617b7.exe
    "C:\Users\Admin\AppData\Local\Temp\43a466ea26d18d125bf8af925bb617b7.exe"
    1⤵
      PID:2964

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2964-133-0x0000000004490000-0x000000000463A000-memory.dmp
      Filesize

      1.7MB

      Download
    • memory/2964-134-0x0000000004640000-0x0000000004A10000-memory.dmp
      Filesize

      3.8MB

      Download
    • memory/2964-135-0x0000000000400000-0x00000000025CA000-memory.dmp
      Filesize

      33.8MB

      Download