laplas | 48ad9f289de82a58b3b390f4b6b1efe6e756e2a2ff885330bc67be387c924e82 | Triage

Sharing

General

Target

JaffaCakes118_48ad9f289de82a58b3b390f4b6b1efe6e756e2a2ff885330bc67be387c924e82
Size

743.2MB
Sample

241223-24gd8strgv
MD5

b68992b9be1f32714012077281d32ae5
SHA1

ada549e2149aa98d23698ce83cb2bfbd7a0733d7
SHA256

48ad9f289de82a58b3b390f4b6b1efe6e756e2a2ff885330bc67be387c924e82
SHA512

91563d3fa41ef36e011893d7d8f28b0f07fafc7e18baaf00457bc9fb29ab58e0b65bc9c635f86d0411ff6c74e928bfc023dffa446dae259f2c562c1d625b6d02
SSDEEP

12582912:WeWtmxGq+R7PARz/CH2YQs8crIrBHKQeWVtZ+eCf6GcvcdJSClWizwdpqqXidmP:WfsGLP+z/M2YQs88Wpek26qdJSC8zdMQ

Score

10^/10

laplas clipper discovery stealer

Malware Config

Extracted

Family

laplas

C2

194.87.216.44

Attributes

api_key
78a51faf154353b4ff80910568eebfcad84a2c21884e8e575d7e536b57a06b32

Targets

- Target
  
  JaffaCakes118_48ad9f289de82a58b3b390f4b6b1efe6e756e2a2ff885330bc67be387c924e82
- Size
  
  743.2MB
- MD5
  
  b68992b9be1f32714012077281d32ae5
- SHA1
  
  ada549e2149aa98d23698ce83cb2bfbd7a0733d7
- SHA256
  
  48ad9f289de82a58b3b390f4b6b1efe6e756e2a2ff885330bc67be387c924e82
- SHA512
  
  91563d3fa41ef36e011893d7d8f28b0f07fafc7e18baaf00457bc9fb29ab58e0b65bc9c635f86d0411ff6c74e928bfc023dffa446dae259f2c562c1d625b6d02
- SSDEEP
  
  12582912:WeWtmxGq+R7PARz/CH2YQs8crIrBHKQeWVtZ+eCf6GcvcdJSClWizwdpqqXidmP:WfsGLP+z/M2YQs88Wpek26qdJSC8zdMQ
Score

10^/10

laplas clipper discovery stealer
- Laplas Clipper
  Laplas is a crypto wallet stealer with three variants written in Golang, C#, and C++.
  stealer clipper laplas
- Laplas family
  laplas
- Executes dropped EXE
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

laplasclipperdiscoverystealer

behavioral2

laplasclipperdiscoverystealer