laplas | e785e87f0e16a7b52ec8a725dcb048e6310532c9c535dfef70b0d969a4dd85ab | Triage

Submit
Reports

Overview

overview

Static

static

7

e785e87f0e...ab.exe

windows7-x64

e785e87f0e...ab.exe

windows10-2004-x64

Sharing

General

Target

e785e87f0e16a7b52ec8a725dcb048e6310532c9c535dfef70b0d969a4dd85ab
Size

6.1MB
Sample

241206-eaqdqayke1
MD5

48978e12606c69a14525441154e7bfd5
SHA1

7402deebde1bb439be4c938458f9139ff8ba16ce
SHA256

e785e87f0e16a7b52ec8a725dcb048e6310532c9c535dfef70b0d969a4dd85ab
SHA512

08f7389f19c51b0070c87a129068867cdb1ea24d768ed29001796290182fa1fcb9a3a9a1fc1cd22c49ff251e0366f5dd380ddac7c64e08a2851f8cea287fe9f1
SSDEEP

98304:dSPwB+aOipCWBR6K4OIiGMprhRp8kBdQ9UEUvQxXf1tpqinVruk:vB+aOiDUKzDrhQLZK0f1tQpk

Score

10^/10

laplas clipper discovery stealer vmprotect

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

e785e87f0e16a7b52ec8a725dcb048e6310532c9c535dfef70b0d969a4dd85ab.exe

Resource

win7-20241010-en

laplas clipper discovery stealer vmprotect

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

e785e87f0e16a7b52ec8a725dcb048e6310532c9c535dfef70b0d969a4dd85ab.exe

Resource

win10v2004-20241007-en

laplas clipper discovery stealer vmprotect

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

laplas

C2

clipper.guru

Attributes

api_key
7ee57b1f6d4aff08f9755119b18cf0754b677addcb6a3063066112b10a357a8e

Targets

- Target
  
  e785e87f0e16a7b52ec8a725dcb048e6310532c9c535dfef70b0d969a4dd85ab
- Size
  
  6.1MB
- MD5
  
  48978e12606c69a14525441154e7bfd5
- SHA1
  
  7402deebde1bb439be4c938458f9139ff8ba16ce
- SHA256
  
  e785e87f0e16a7b52ec8a725dcb048e6310532c9c535dfef70b0d969a4dd85ab
- SHA512
  
  08f7389f19c51b0070c87a129068867cdb1ea24d768ed29001796290182fa1fcb9a3a9a1fc1cd22c49ff251e0366f5dd380ddac7c64e08a2851f8cea287fe9f1
- SSDEEP
  
  98304:dSPwB+aOipCWBR6K4OIiGMprhRp8kBdQ9UEUvQxXf1tpqinVruk:vB+aOiDUKzDrhQLZK0f1tQpk
Score

10^/10

laplas clipper discovery stealer vmprotect
- Laplas Clipper
  Laplas is a crypto wallet stealer with three variants written in Golang, C#, and C++.
  stealer clipper laplas
- Laplas family
  laplas
- Executes dropped EXE
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

laplasclipperdiscoverystealervmprotect

behavioral2

laplasclipperdiscoverystealervmprotect

© 2018-2024

Terms | Privacy